From: | todd brandys <brandys(at)eng3(dot)hep(dot)uiuc(dot)edu> |
---|---|
To: | scrappy(at)hub(dot)org |
Subject: | Re: New pg_pwd patch and stuff |
Date: | 1998-01-15 20:31:37 |
Message-ID: | 199801152031.AA00465@eng3.hep.uiuc.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> Fork off the postgres process first, then authenticate inside of
> there...which would get rid of the problem with pg_user itself being a
> text file vs a relation...no?
Yes, yes, yes. This is how authentication should be done (for HBA, etc.)
Furthermore, we could reduce the footprint of the postmaster drastically. It
would only need to accept a socket connection and fork the backend. This
scenario would also allow the postmaster to be run as the root user. Good
things could only come of this method.
The only reason I put my authentication scheme where it is, is that all the
other authentication schemes take place in the postmaster, and to work things
properly, use of my scheme (checking to see if there is a password or not) must
come first.
Todd A. Brandys
brandys(at)eng3(dot)hep(dot)uiuc(dot)edu
From | Date | Subject | |
---|---|---|---|
Next Message | Karl Denninger | 1998-01-15 20:32:20 | Re: [QUESTIONS] Arrays (inserting and removing) |
Previous Message | The Hermit Hacker | 1998-01-15 20:27:21 | Re: New pg_pwd patch and stuff |