> On Wed, 27 Jun 2001, Bruce Momjian wrote:
>
> > pg_hba.conf option on Debian called "peer" recently. We don't have such
> > an option and it was never submitted to us a a patch.
> >From 7usr/share/doc/postgresql/README.Debian.gz:
> 6. Unix socket authentication is provided (authentication type "peer").
> This works just like ident, but for Unix sockets; this provides a more
> secure method of authentication than ident, and does not require
> administrators to run identd on their servers. This authentication
> method has been submitted to the upstream developers, but is not
> currently part of the upstream release.
>
> I don?t know if the Debian maintainer has it submitted but I trust him
> if he writes it in the relevant document.
Again, PostgreSQL topic...
Hmm, that is interesting. My guess is that we couldn't accept it
because most OS's can't do authentication on Unix-domain sockets. It
must have been long ago because I don't remember it. Peer is a nice
feature, though, and it would be nice if we could support it everywhere.
I don't like our 'trust' method. Too open.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
