Bruce Momjian writes:
> > "J.H.M. Dassen (Ray)" wrote:
> > >> and it was never submitted to us a a patch.
> > >
> > >According to the README it was. Oliver, could you comment on this please?
> >
> > It was, a couple of months back. Peter made some criticism of its use of
> > autoconf, which I have changed. I have not resubmitted the patch because
> > the core team seemed to think it was not sufficiently portable. If people
> > want to include it in the main release, I will resubmit a revised patch.
>
> I think our current idea is to have people run local ident servers to
> handle this. We don't have any OS-specific stuff in pg_hba.conf and I
> am not sure if we want to add that complexity. What do others think?
This is not any less "specific" than SSL or Kerberos. Note that opening a
TCP/IP socket already opens a theoretical hole to the world. Unix domain
is much safer.
--
Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
