Re: Patch to include PAM support...
От | Peter Eisentraut |
---|---|
Тема | Re: Patch to include PAM support... |
Дата | |
Msg-id | Pine.LNX.4.30.0106121901130.756-100000@peter.localdomain обсуждение исходный текст |
Ответ на | Patch to include PAM support... ("Dominic J. Eidson" <sauron@the-infinite.org>) |
Ответы |
Re: Patch to include PAM support...
Re: Patch to include PAM support... |
Список | pgsql-patches |
Bruce Momjian writes: > OK, care to give a thumbs up on the patch? > > http://candle.pha.pa.us/cgi-bin/pgpatches From static inspection I have some doubts about whether this patch would operate correctly. The way it is implemented is that if the backend is instructed to use PAM authentication it pretends to the frontend that password authentication is going on. This would probably work correctly if your PAM setup is that you require exactly one password from the user. But if the PAM setup does not require a password (Kerberos, rhosts modules?) it would involve a useless exchange (and possibly prompt) for a password. More importantly, though, if the PAM configuration requires more than one password (perhaps the password is due to be changed), this implementation will fail (to authenticate). Dominic, any comments? -- Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
В списке pgsql-patches по дате отправления: