Re: [HACKERS] pgsql/php3/apache authentication
Peter Eisentraut <e99re41@docs.uu.se>
From: Peter Eisentraut <e99re41@DoCS.UU.SE>
To: Jan Wieck <wieck@debis.com>
Cc: Jim Mercer <jim@reptiles.org>, pgsql-general@postgresql.org, pgsql-hackers@postgresql.org
Date: 2000-04-28T08:05:31Z
Lists: pgsql-hackers
On Thu, 27 Apr 2000, Jan Wieck wrote: > The default of "local all trust" is something I allways > considered insecure. No kidding. > If we add a permissions field to the local entry, the > postmaster can chmod() the socket file after creating it (and > maybe drain out waiting connections that slipped in between > after a second before accepting the first real one). The > default hba would then read: > > local all trust 0770 > host all 127.0.0.1 255.255.255.255 ident sameuser I think I like that idea. -- Peter Eisentraut Sernanders väg 10:115 peter_e@gmx.net 75262 Uppsala http://yi.org/peter-e/ Sweden