Florian,

I'd be *very* interested in how they come to that assessment. I'd have
thought that the only alternative to getpeereid/getupeercred is
password-based or certificate-based authenticated - which seem *less*
secure because a) they also rely on the client having the correct uid
or gid (to read the password/private key), plus b) the risk of the
password/private key getting into the wrong hands.


*shrug* don't ask me. I don't agree with the policy, I can hardly defend it.

--Josh

--
Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-patches

Reply via email to