On Wed, Oct 30, 2002 at 12:27:38PM -0500, Sam Hartman wrote: > >>>>> "Arunvijai" == Arunvijai <[EMAIL PROTECTED]> writes:
> Arunvijai> Hi Guys, Please help me to configure and run > Arunvijai> Postgresql7.x.x Authentication with Kerberos > Arunvijai> Authentication method. The Starting of Kerberos under > Arunvijai> RHL7.3 seems to be very hard. Please send your views > Arunvijai> to my mail address. > Please do not use the Kerberos authentication in Postgres. It is > quite insecure. It does not authenticate both sides of the > connection. It provides no data protection so it is vulnerable to > man-in-the-middle and connection hijacking. Pah, people go and get my hopes up, and then someone has to go and bring *security* into the mix... :) Does the Kerberos support in Postgres represent appropriate groundwork for proper Kerberos authentication, or is it another cleartext-password-proxy approach to Kerberos like pam_krb5? Steve Langasek postmodern programmer ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
