Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2

From: "Magnus Hagander" <mha(at)sollentuna(dot)net>
To: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: "PostgreSQL-patches" <pgsql-patches(at)postgresql(dot)org>
Subject: Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2
Date: 2005-10-13 17:54:37
Message-ID: 6BCB9D8A16AC4241919521715F4D8BCE92E72B@algol.sollentuna.se
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

(Tom, this is the other one you were referring to, I hope.)

I'm still planning to do this, but I'm very pressed for time right now.
I'll try to get it done as soon as possible, but worst case it may be
around two weeks before I can do it. Sorry. If someone else wants to
beat me to it go right ahead, otherwise - it's on it's way eventually.
I think a general overview to make sure the different parts (config
section vs kerberos auth section) are actually in sync is required.

//Magnus

>
> I need a comment on this.
>
> --------------------------------------------------------------
> -------------
>
> Tom Lane wrote:
> > BTW, it appears to me that this patch has also broken the
> claim in the
> > manual that
> >
> > If [krb_server_hostname is] not set, the default is to allow any
> > service principal matching an entry in the keytab.
> >
> > The reason that was true was that we passed a NULL "server"
> value to
> > krb5_recvauth(), which with this patch we never do anymore.
> >
> > I'm not sure if this represents a serious loss of
> flexibility or not,
> > but in any case the documentation needs an update.
> >
> > regards, tom lane
> >
> > ---------------------------(end of
> > broadcast)---------------------------
> > TIP 5: don't forget to increase your free space map settings
> >
>
> --
> Bruce Momjian | http://candle.pha.pa.us
> pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
> + If your life is a hard drive, | 13 Roberts Road
> + Christ can be your backup. | Newtown Square,
> Pennsylvania 19073
>

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Bruce Momjian 2005-10-13 17:56:32 Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2
Previous Message Tom Lane 2005-10-13 17:50:12 Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2