Re: [PoC] Federated Authn/z with OAUTHBEARER

From: Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
To: Christoph Berg <myon(at)debian(dot)org>, Andres Freund <andres(at)anarazel(dot)de>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Nazir Bilal Yavuz <byavuz81(at)gmail(dot)com>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Antonin Houska <ah(at)cybertec(dot)at>
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
Date: 2025-04-01 22:40:49
Message-ID: CAOYmi+n+WB9fuQeoPL-0FWvC+fzJXUEfH=Ne1q7q5xT936TE=A@mail.gmail.com
Lists: pgsql-hackers

On Mon, Mar 31, 2025 at 7:06 AM Christoph Berg <myon(at)debian(dot)org> wrote:
> Perhaps we could do the same with libldap and libgssapi? (Though
> admittedly I have never seen any complaints or nagging questions from
> security people about these.)

If we end up happy with how the Curl indirection works, that seems
like it'd be kind of nice in theory. I'm not sure how many people
would notice, though.

On Wed, Mar 26, 2025 at 12:09 PM Jacob Champion
<jacob(dot)champion(at)enterprisedb(dot)com> wrote:
> Right
> now we have an SO version of 1; maybe we want to remove the SO version
> entirely to better indicate that it shouldn't be linked?

Maybe a better idea would be to ship an SONAME of
`libpq-oauth.so.0.<major>`, without any symlinks, so that there's
never any ambiguity about which module belongs with which libpq.

--Jacob
