Re: Authorization problem - Mailing list pgsql-admin

From Pedro Fonseca
Subject Re: Authorization problem
Date
Msg-id 9plgr9$2fu9$1@news.tht.net
Whole thread Raw
In response to Re: Authorization problem  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-admin
OK Tom! Many thanks!
Best regards.

--
______________________________________________________________________
Pedro Fonseca (pedro.fonseca@iscte.pt)
Mob.: (+351)964598357
http://www.pedrofonseca.com
ADETTI/ISCTE (Instituto Superior de Ci�ncias do Trabalho e da Empresa)

"Tom Lane" <tgl@sss.pgh.pa.us> wrote in message
news:17419.1002305476@sss.pgh.pa.us...
> "Pedro Fonseca" <pedro.fonseca@netcabo.pt> writes:
> > I mean, this is what the 'trust' AUTHTYPE does!
>
> Quite.
>
> > Isn't this a bad thing?
>
> If you don't trust the users on your local machine, you can't use
> "trust" authtype for local connections.  It's as simple as that.
>
> The reason why there's not an equivalent of "ident" auth for local
> socket connections is that most platforms don't provide any way to
> find out who owns the other end of a local socket connection.
> You're wasting your breath to complain to the Postgres developers
> about an OS-level deficiency.  I'd suggest using ident and TCP/IP.
> You can set PGHOST=127.0.0.1 in your environment so you don't need to
> think about what kind of connection you are using.
>
> BTW, PG 7.2 will support ident-like auth on local connections for
> a small number of platforms where there is such a facility.  But
> that doesn't help you today, and won't ever help you if you're not
> on one of those platforms.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster



pgsql-admin by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: Slightly off topic - Hardware Question
Next
From: Joshua Franklin
Date:
Subject: delete/vacuum not freeing disk space