| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | mark(at)mark(dot)mielke(dot)cc, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Gavin Sherry <swm(at)linuxworld(dot)com(dot)au>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Weak passwords and brute force attacks |
| Date: | 2006-12-05 18:52:46 |
| Message-ID: | 4575BFFE.2020905@dunslane.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Stephen Frost wrote:
> PAM is simply not always an option, unless you want to figure out a way
> to use PAM modules without using /etc/passwd and company. Currently the
> only way to use PAM w/ password-changing done in PG is to chown all the
> various files and whatnot over to being owned by Postgres, which is a royal
> pain and a very ugly mess. I suppose another option would be to
> convince PG to run as root but that's not exactly an encouraged setup
> either.
>
>
That assumes that you are using system auth. PAM+LDAP for example has no
such problems.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2006-12-05 19:53:22 | Re: [HACKERS] Configuring BLCKSZ and XLOGSEGSZ (in 8.3) |
| Previous Message | Volkan YAZICI | 2006-12-05 18:41:43 | Re: Preserving Cluster-Wise Data |