Re: Bugtraq: Having Fun With PostgreSQL - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Bugtraq: Having Fun With PostgreSQL
Date
Msg-id 29495.1182554573@sss.pgh.pa.us
Whole thread Raw
In response to Re: Bugtraq: Having Fun With PostgreSQL  (Jim Nasby <decibel@decibel.org>)
List pgsql-hackers
Jim Nasby <decibel@decibel.org> writes:
> On Jun 19, 2007, at 1:27 PM, Josh Berkus wrote:
>> Not all OSes support ident ... Solaris and OpenBSD for two, don't,  
>> because they see ident as insecure.

> What about the unix domain socket, though? AFAIK that doesn't rely on  
> ident but some other method...

On OpenBSD we use getpeereid() for unix sockets, and there are
equivalent things on some other Unixen.  We could never go over to
ident as the standard default, though, because not all platforms
have these sorts of features (if indeed they have unix sockets at
all ...); and in any case it's not very secure for TCP.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Jim Nasby
Date:
Subject: Re: Bugtraq: Having Fun With PostgreSQL
Next
From: Bruce Momjian
Date:
Subject: In California for a few days