Robert Bihlmeyer wrote:
> Package: libpgsql2.1
> Version: 7.1release-2
> Severity: normal
>
> identds are considered mild privacy/security risks, therefore I don't
> think libpgsql2.1 and postgresql-client[1] should depend on
> ident-server.
>
> The main use seems to be to allow local connections without further
> authentication. A noble goal that should be reached via local
> transport instead.
>
> Maybe there's more reasoning why this dependency is necessary. In this
> case, please put it in the documentation.
It is indeed the case that ident is needed to allow local access without a password. I understand that this presents a small security risk on the server. However, without it, it is necessary for the postgres administrator's database password to be held in clear in some file, so that the automatic clean-up processes will be able to operate. It seems to me that the obvious security risks of the latter process outweigh the minor risks of having ident available.

However, it is only strictly necessary for the server to have ident available, so I propose to move the dependency from libpgsql2.1 (and postgresql-client) to postgresql itself.

In case anyone should ask why the server cannot authenticate directly: communication between front- and back-ends is done through a Unix socket, and therefore it is not possible for the back-end to know the identity of the user at the front-end. The only options for Unix socket access are password-protection or trust (that is, a completely open database).

-- 
Oliver Elphick                                [EMAIL PROTECTED]
Isle of Wight                                 http://www.lfix.co.uk/oliver
PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
                 ========================================
     "For whosoever will save his life shall lose it. But whosoever
      will lose his life for my sake, the same shall save it."
                                               Luke 9:24
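For readers unfamiliar with how the three choices discussed above are expressed, the following pg_hba.conf fragment is an added illustration by the editor, not part of either message or of the Debian package. It assumes the PostgreSQL 7.x pg_hba.conf layout (one record per line: connection type, database, and for host records a client address and netmask, then the authentication method and its optional argument); the database name `all` and the loopback address are illustrative choices.

```conf
# Option 1: local Unix-socket connections with no authentication at all.
# This is the "trust" case the reply warns about: any local user can connect
# as any database user, so the database is effectively wide open.
local   all                                   trust

# Option 2: local Unix-socket connections protected by a password.
# Safe at the protocol level, but any unattended job (such as the package's
# automatic clean-up) then needs the postgres password stored in cleartext.
local   all                                   password

# Option 3: loopback TCP connections authenticated via the client's identd.
# "sameuser" requires the Unix user reported by identd to match the requested
# database user. This is the configuration that motivates the ident-server
# dependency; a host record is needed because ident only works over TCP/IP.
host    all   127.0.0.1   255.255.255.255     ident sameuser
```

Only one of these records would normally be active for a given database; they are listed together here so the trade-off in the reply (open access, a stored cleartext password, or an identd dependency) can be seen side by side.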