Re: Spoofing as the postmaster - Mailing list pgsql-hackers

From Peter Eisentraut
Subject Re: Spoofing as the postmaster
Date
Msg-id 200712272133.02327.peter_e@gmx.net
In response to Re: Spoofing as the postmaster  (Magnus Hagander <magnus@hagander.net>)
List pgsql-hackers
Magnus Hagander wrote:
> > How expensive would it be to implement a "server_user" db open parameter
> > that would perform reverse credential passing to validate? "dbname=XXX
> > port=5432 server_user=postgres". If the server can't prove it is
> > postgres through UNIX socket credential passing, it fails. Similarly,
>
> Probably not very, but you should be able to achieve the same thing by
> moving the socket to a protected directory, I think?

What you are ultimately interested in is who runs a given server.  Making the 
inference that if the socket is in a directory that is currently only 
writable by a certain user implies that the user owns the server that offers 
that socket doesn't sound like a given to me.  And let's forget that it's not 
really straightforward to find out who has write access to some directory.

-- 
Peter Eisentraut
http://developer.postgresql.org/~petere/
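
The reverse credential check proposed in the quoted text could look like this on Linux; it is an added example, not part of the original message and not PostgreSQL or libpq code. It asks the kernel who owns the other end of the connected socket via `SO_PEERCRED` instead of inferring ownership from directory permissions; `peer_runs_as` and `demo_check` are hypothetical names, and a socketpair stands in for a real client/server connection.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Same layout as Linux's struct ucred; declared locally so the example
 * builds whether or not the libc headers expose that type. */
struct peer_cred {
    pid_t pid;
    uid_t uid;
    gid_t gid;
};

/* Hypothetical helper: returns 1 if the process on the other end of the
 * connected UNIX-domain socket fd runs as expected_uid, 0 if it runs as
 * another user, -1 on error. A caller must treat 0 and -1 as failure. */
int peer_runs_as(int fd, uid_t expected_uid)
{
    struct peer_cred cred;
    socklen_t len = sizeof(cred);

    /* The kernel fills this in; the peer cannot choose the values. */
    if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0)
        return -1;
    if (len != sizeof(cred))
        return -1;
    return cred.uid == expected_uid ? 1 : 0;
}

/* Constructed demo: both ends of the socketpair belong to this process. */
int demo_check(uid_t expected_uid)
{
    int sv[2], result;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    result = peer_runs_as(sv[0], expected_uid);
    close(sv[0]);
    close(sv[1]);
    return result;
}

int main(void)
{
    printf("own uid: %d, other uid: %d\n",
           demo_check(getuid()), demo_check(getuid() + 1));
    return 0;
}
```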

