| From: | "James Cassell" <fedoraproject(at)cyberpear(dot)com> |
|---|---|
| To: | "PostgreSQL Yum Package List" <pgsql-pkg-yum(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Can we stop defaulting to 'ident'? |
| Date: | 2019-12-19 21:07:47 |
| Message-ID: | c10055e1-3534-45be-ba27-a2cc9e259ba8@www.fastmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-pkg-debian pgsql-pkg-yum |
Hi,
On Thu, Dec 19, 2019, at 12:32 PM, Stephen Frost wrote:
> Greetings,
>
> * James Cassell wrote:
> > Peer does not work with TCP connections, and I haven't figured how to get,e.g., third-party Java applications working without TCP.
>
> The entire point of peer was to segregate the very insecure 'ident' from
> the actually quite secure 'peer' auth, so, no, it's not going to work
> over TCP connections- that's more-or-less the point.
>
I fail to see how ident over TCP is insecure when used on the localhost address. Can you explain? Otherwise, is there a way to make peer authentication work with TCP connections?
V/r,
James Cassell
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Craig Ringer | 2019-12-20 03:00:43 | Re: Can we stop defaulting to 'ident'? |
| Previous Message | Stephen Frost | 2019-12-19 17:32:28 | Re: Can we stop defaulting to 'ident'? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Craig Ringer | 2019-12-20 03:00:43 | Re: Can we stop defaulting to 'ident'? |
| Previous Message | Stephen Frost | 2019-12-19 17:32:28 | Re: Can we stop defaulting to 'ident'? |