agora inbox for postgres@postgres.berkeley.edu
help / color / mirror / Atom feedFrom: Kai Petzke <wpp@marie.physik.tu-berlin.de>
To: linux-postgres@native-ed.bc.ca
Subject: user authentification
Date: Wed, 11 May 1994 22:29:45 +0200 (MET DST)
Message-ID: <9405120721.AA01666@marie.physik.tu-berlin.de> (raw)
Hi,
I am looking for a small project, which to start with hacking
postgres. I do not want to do the big "C++"-ifying and "Web"bing
thing, before they have released the final version. My
suggestions are:
- Modify the copy in/out routines to adapt them to a variety of
input or output file formats. The current implementation takes
about 800 lines in one source file:
~/src/backend/commands/copy.c
- Add medium security authentification to postgres. Currently,
you have no security (everybody can connect to port 4321, while
a postmaster is running), or good security, when you link in
Kerberos. Kerberos needs an independant ticket server, which
should run on a physically safe computer, which has no other
stuff running. Installing Kerberos requires you to change the
login software.
I want something in between, which provides both good safety
and is easy to install. How about doing the same thing, that
Oracle does: an extra login when connecting to the database?
The problem: Packet Sniffer. While transferring the password,
anybody can listen. So all data transferred during authentification
should be encrypted. I came to mind with a strange scheme, how
this could be done. I have written a post to sci.crypt about it.
Kai
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: postgres@postgres.berkeley.edu
Cc: wpp@marie.physik.tu-berlin.de, linux-postgres@native-ed.bc.ca
Subject: Re: user authentification
In-Reply-To: <9405120721.AA01666@marie.physik.tu-berlin.de>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox