| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Orion Henry <orion(at)trustcommerce(dot)com> |
| Cc: | pgsql-bugs(at)postgresql(dot)org, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Kerberos as source of user name? (Re: segfault in psql on x86_64) |
| Date: | 2004-01-31 18:15:57 |
| Message-ID: | 5596.1075572957@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers |
Orion Henry <orion(at)trustcommerce(dot)com> writes:
> It appears to be faulting on a kerberos call which is odd because I
> don't use kerberos for anything.
I was a bit surprised to realize that if you compile Kerberos support at
all, libpq will try to get a user name from Kerberos in preference to
using getpwuid(). This strikes me as odd and surprising behavior.
There's certainly no security reason for it, since we are only getting
a default user name that can be trivially overridden.
Does anyone see a reason why we shouldn't trust getpwuid to supply the
default username in all cases? I'm thinking of ripping out
fe_setauthsvc/fe_getauthsvc as well ...
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | elein | 2004-01-31 22:57:09 | info schema : cardinal number domain |
| Previous Message | Tom Lane | 2004-01-31 17:57:57 | Re: BUG #1071: -fPIC needed for plperl & amd64 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2004-01-31 19:08:01 | Re: Transaction callback |
| Previous Message | Tom Lane | 2004-01-31 17:53:56 | Re: Transaction callback |