Return-Path: pg_adm@postgres.berkeley.edu
Received: by postgres.Berkeley.EDU (5.61/1.29)
	id AA20929; Wed, 6 May 92 12:51:17 -0700
From: Rod Rebello -- CAD Development <titan!rrebello@asuvax.eas.asu.edu>
Subject: Re: Using Postgres from Unix and security
To: postgres@postgres.berkeley.edu
Sender: pg_adm@postgres.berkeley.edu
From: Rod Rebello -- CAD Development <titan!rrebello@asuvax.eas.asu.edu>
To: postgres@postgres.berkeley.edu
Date: 	Wed, 6 May 1992 10:00:28 -0700
Return-Receipt-To: titan!rrebello@asuvax.eas.asu
X-Mailer: ELM [version 2.3 PL11]
Message-Id: <92May6.095821mst.63102@titan>

Mike Olson said:
> 
> since kerberos supports authentication without resorting to super-user
> privileges, we'll take that approach for the officially supported release.
> however, your fixes do what you claim they do -- you can't crack the
> database system without cracking root somewhere on your subnet.
> 
> 					mike
> 

Does this mean we would have to implement the complete kerberos system on
our network to use this feature?  Sorry if this is a naive question, but
I know little about kerberos.  My impression is that it is a fairly large
package that would take a fair amount of effort to install and maintain.
I assume that this capability will be optional in postgres?

I would prefer to have a method with little overhead.

-- 
Rod Rebello
titan!rrebello@asuvax.eas.asu.edu
Microchip Technology Inc., Chandler, AZ