David M. Kaplan writes:
> I have a very simple security setup wish. I only want to allow local
> connections where each user can only log into postgres as himself, but
> there isnt a "ident sameuser" option for local connections. Is there
> any way around this? Can anyone explain to me why such an option doesnt
> exist for local connections?
Because ident works based on TCP ports. There is a similar mechanism for
Unix domain sockets implemented in some kernels, but it's not portable and
therefore there hasn't been wide-spread enthusiasm for supporting it.
--
Peter Eisentraut peter_e@gmx.net http://yi.org/peter-e/
