Home > mailing lists

Re: Disabling trust/ident authentication configure option - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: Disabling trust/ident authentication configure option
Date	May 18, 2015 23:01:41
Msg-id	20150518200129.GJ9458@momjian.us Whole thread Raw
In response to	Re: Disabling trust/ident authentication configure option (Alvaro Herrera <alvherre@2ndquadrant.com>)
List	pgsql-hackers

Tree view

On Mon, May 18, 2015 at 05:00:41PM -0300, Alvaro Herrera wrote:
> Bruce Momjian wrote:
> > On Mon, May 18, 2015 at 09:32:23PM +0200, Volker Aßmann wrote:
> 
> > > But I like the more general approach proposed by Alvaro, so in case this patch
> > > would have a chance to not be immediately rejected, I would try to implement
> > > the more generic approach. I would also include a check to ensure at least one
> > > reasonably secure way for password recovery is available. For Unix systems
> > > "peer" authentication seems to be a good candidate.
> > 
> > Likely to be rejected.
> 
> Why?

Because, as Josh stated, it is more of a bandaid rather than a fix ---
we can't protect administrators against themselves in this way without
causing a lot of confusion.

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + Everyone has their own god. +

pgsql-hackers by date:

From: Alvaro Herrera
Date: 18 May 2015, 23:00:09
Subject: Re: Disabling trust/ident authentication configure option

From: Andrew Dunstan
Date: 18 May 2015, 23:02:45
Subject: Re: jsonb concatenate operator's semantics seem questionable

Re: Disabling trust/ident authentication configure option - Mailing list pgsql-hackers

Previous

Next