Re: [PATCHES] Solaris ident authentication using unix domain sockets

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: [PATCHES] Solaris ident authentication using unix domain sockets
Дата
Msg-id 23040.1215319905@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Re: [PATCHES] Solaris ident authentication using unix domain sockets  (Andrew Dunstan <andrew@dunslane.net>)
Ответы Re: [PATCHES] Solaris ident authentication using unix domain sockets  (Josh Berkus <josh@agliodbs.com>)
Список pgsql-hackers
Дерево обсуждения 
Andrew Dunstan <andrew@dunslane.net> writes:
> Robert Treat wrote:
>> Hmm... I've always been told that Solaris didn't support this because the
>> Solaris developers feel that IDENT is inherently insecure.

> We don't actually use the Ident protocol for Unix sockets on any
> platform.

Indeed.  If the Solaris folk feel that getupeercred() is insecure,
they had better explain why their kernel is that broken.  This is
entirely unrelated to the known shortcomings of the "ident" IP
protocol.

            regards, tom lane

В списке pgsql-hackers по дате отправления:

Предыдущее
От: "David E. Wheeler"
Дата:
Сообщение: Re: PATCH: CITEXT 2.0
Следующее
От: Tom Lane
Дата:
Сообщение: Re: time_stamp type