"Magnus Hagander" <[EMAIL PROTECTED]> writes:
> Another way to help in this particular case would be to have libpq on
> win32 only force-lowercase the username IF it was retreived from the
> system (but not when manually specified).
Well, I personally don't care how bizarrely the Win32 port behaves ;-)
so I won't complain if something like that happens. You should think
twice though about whether introducing this inconsistency is going to
be a net win, or whether it'll just move the confusion someplace else.
> Then if this was done the
> kerberos username-matching code would just have to be relaxed to be case
> insensitive (which it really should be, because AFAIK kerberos is
> supposed to be case insensitive),
This however bothers me; it seems like a potential security hole (create
kerberos principal FOO, use it to break into Foo's account). Or does
kerberos guarantee FOO and Foo are the same?
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?
http://archives.postgresql.org
