Re: New pg_pwd patch and stuff
todd brandys <brandys@eng3.hep.uiuc.edu>
From: todd brandys <brandys@eng3.hep.uiuc.edu>
To: scrappy@hub.org
Date: 1998-01-15T20:31:37Z
Lists: pgsql-hackers
> Fork off the postgres process first, then authenticate inside of > there...which would get rid of the problem with pg_user itself being a > text file vs a relation...no? Yes, yes, yes. This is how authentication should be done (for HBA, etc.) Furthermore, we could reduce the footprint of the postmaster drastically. It would only need to accept a socket connection and fork the backend. This scenario would also allow the postmaster to be run as the root user. Good things could only come of this method. The only reason I put my authentication scheme where it is, is that all the other authentication schemes take place in the postmaster, and to work things properly, use of my scheme (checking to see if there is a password or not) must come first. Todd A. Brandys brandys@eng3.hep.uiuc.edu