Home > mailing lists

Re: [PATCHES] Solaris ident authentication using unix domain sockets - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: [PATCHES] Solaris ident authentication using unix domain sockets
Date	July 6, 2008 01:51:55
Msg-id	23040.1215319905@sss.pgh.pa.us Whole thread Raw
In response to	Re: [PATCHES] Solaris ident authentication using unix domain sockets (Andrew Dunstan <andrew@dunslane.net>)
Responses	Re: [PATCHES] Solaris ident authentication using unix domain sockets
List	pgsql-hackers

Tree view

Andrew Dunstan <andrew@dunslane.net> writes:
> Robert Treat wrote:
>> Hmm... I've always been told that Solaris didn't support this because the
>> Solaris developers feel that IDENT is inherently insecure.

> We don't actually use the Ident protocol for Unix sockets on any
> platform.

Indeed.  If the Solaris folk feel that getupeercred() is insecure,
they had better explain why their kernel is that broken.  This is
entirely unrelated to the known shortcomings of the "ident" IP
protocol.

            regards, tom lane

pgsql-hackers by date:

From: "David E. Wheeler"
Date: 05 July 2008, 21:47:28
Subject: Re: PATCH: CITEXT 2.0

From: Tom Lane
Date: 06 July 2008, 02:19:47
Subject: Re: time_stamp type

Re: [PATCHES] Solaris ident authentication using unix domain sockets - Mailing list pgsql-hackers

Previous

Next