Re: Design Considerations for New Authentication Methods

From: Josh Berkus <josh(at)agliodbs(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-hackers(at)postgresql(dot)org, "Magnus Hagander" <mha(at)sollentuna(dot)net>, mark(at)mark(dot)mielke(dot)cc, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, "Andrew Sullivan" <ajs(at)crankycanuck(dot)ca>
Subject: Re: Design Considerations for New Authentication Methods
Date: 2006-11-04 23:00:34
Message-ID: 200611041500.35259.josh@agliodbs.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Tom,

> I have no corporate commitment to make PG 8.3+ work on ancient Red Hat
> versions, if that's what you mean.

Well, in that case my suggestion is that we plan to transition to GSSAPI and
drop support for raw Kerberos as soon as Henry is ready with a patch (plus
I'm going to try to get the Solaris security folks to kick in on this).
GSSAPI is the official API of Kerberos5, and in theory supporting it should
reduce the number of specific-library-version dependancy bugs we get with
Kerberos in the future.

--
Josh Berkus
PostgreSQL @ Sun
San Francisco

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Neil Conway 2006-11-05 00:43:37 ldap: fix resource leak
Previous Message Josh Berkus 2006-11-04 22:58:04 Re: buildfarm project changes