Home > mailing lists

Re: Disabling trust/ident authentication configure option - Mailing list pgsql-hackers

From	Volker Aßmann
Subject	Re: Disabling trust/ident authentication configure option
Date	May 20, 2015 11:20:47
Msg-id	CAJBpAdzH3pMTFfBE+dYd+OytVJXR2XF=ESQ7TG6syjB1suh2ZQ@mail.gmail.com Whole thread Raw
In response to	Re: Disabling trust/ident authentication configure option (Robert Haas <robertmhaas@gmail.com>)
Responses	Re: Disabling trust/ident authentication configure option (Robert Haas <robertmhaas@gmail.com>)
List	pgsql-hackers

Tree view

On Tue, May 19, 2015 at 1:53 AM, Robert Haas <robertmhaas@gmail.com> wrote:

On May 18, 2015, at 3:32 PM, Volker Aßmann <volker.assmann@gmail.com> wrote:
> I know these measures won't protect against an experienced attacker who gains root access, but hope it slows them down sufficiently so the admins may have a chance to detect the attack.

It won't.

You don't seem to have much trust in your other authentication mechanisms and seem to know our environment quite well then...

But anyway you don't seem to understand why "being able to remove a 'disable all security let anyone in' option" might be a reasonable idea, so there is no point in arguing, please just ignore the patch.

pgsql-hackers by date:

From: Noah Misch
Date: 20 May 2015, 10:13:45
Subject: Re: a few thoughts on the schedule

From: Uriy Zhuravlev
Date: 20 May 2015, 12:24:35
Subject: Re: WIP: Enhanced ALTER OPERATOR

Re: Disabling trust/ident authentication configure option - Mailing list pgsql-hackers

Previous

Next