| From: | Greg Stark <gsstark(at)mit(dot)edu> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Magnus Hagander" <mha(at)sollentuna(dot)net>, pgsql-hackers(at)postgresql(dot)org, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: [HACKERS] [PATCHES] Removing Kerberos 4 |
| Date: | 2005-06-22 19:50:10 |
| Message-ID: | 87br5yyxvx.fsf@stark.xeocode.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers pgsql-patches |
Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
> Last chance for any Kerberos 4 users to speak up --- otherwise I'll
> apply this soon.
If you just want someone to test it I can do that. I don't actually use it
normally though.
As far as security issues the only issues I'm aware of is a) it uses plain DES
which is just a 56 bit key and crackable by brute force and b) cross-domain
authentication is broken.
But if you just have a single domain it's a lot simpler to set up than the
poster child for second system effect, Kerberos 5.
--
greg
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Parker | 2005-06-22 20:05:07 | dump/restore bytea fields |
| Previous Message | Peter Darley | 2005-06-22 19:34:12 | Perl DBI issue |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-06-22 19:59:36 | Re: Why is checkpoint so costly? |
| Previous Message | Tom Lane | 2005-06-22 19:50:04 | Re: [PATCHES] O_DIRECT for WAL writes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2005-06-22 19:50:12 | Re: plperl better array support |
| Previous Message | Tom Lane | 2005-06-22 19:50:04 | Re: [PATCHES] O_DIRECT for WAL writes |