Re: Indent authentication overloading
Greg Stark <gsstark@mit.edu>
From: Greg Stark <gsstark@mit.edu>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Magnus Hagander <magnus@hagander.net>, Josh Berkus <josh@agliodbs.com>, pgsql-hackers@postgresql.org
Date: 2010-11-18T19:14:52Z
Lists: pgsql-hackers
On Thu, Nov 18, 2010 at 6:36 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > It's also warning about the wrong thing. IMO the real subtext to this > discussion is that we're afraid people are using ident-over-TCP > insecurely because they've confused it with ident-over-socket. > Which is a legitimate concern, but issuing warnings about > ident-over-socket configurations will accomplish nothing whatsoever > to wake up the guy at risk, because he's not using one. It will only > make us look like pedantic nannies annoying people whose configurations > are perfectly fine. Perhaps we should rename both then? Then we could warn if someone is using ident to refer to identd authentication but not if they're using it to refer to peer authentication. -- greg