Josh Berkus wrote:
Tom,
Indeed. If the Solaris folk feel that getupeercred() is insecure,
they had better explain why their kernel is that broken. This is
entirely unrelated to the known shortcomings of the "ident" IP
protocol.
The Solaris security & kernel folks do, actually. However, there's no
question that TRUST is inherently insecure, and that's what people are going
to use if they can't get IDENT to work.
I think I'd pose a slightly different question from Tom. Do the Solaris
devs think that their getupeercred() is more insecure than the more or
less equivalent calls that we are doing on Linux and *BSD for example? I
suspect they probably don't ;-)
cheers
andrew
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
