I'd be *very* interested in how they come to that assessment. I'd have
thought that the only alternative to getpeereid/getupeercred is
password-based or certificate-based authenticated - which seem *less*
secure because a) they also rely on the client having the correct uid
or gid (to read the password/private key), plus b) the risk of the
password/private key getting into the wrong hands.

*shrug* don't ask me. I don't agree with the policy, I can hardly defend it.


Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org)
To make changes to your subscription:

Reply via email to