Re: Bug#95818: libpgsql2.1: should not depend on ident-server
Steve Langasek wrote:
>> In case anyone should ask why the server cannot authenticate directly,
>> communication between front- and back-ends is done through a Unix socket
>> and therefore it is not possible for the back-end to know the identity
>> of the user at the front-end. The only options for Unix socket access
>> are password-protection or trust (that is, a completely open database).
>
>...
... [code] ...
>
>This works for Unix sockets under Linux 2.2 and Linux 2.4, at least. I
don't
>know how portable the interface is beyond that, and lack of portability
might
>prevent upstream from adopting it. It would be interesting to see this as
an
>option for Debian, though. (Does Hurd implement SO_PEERCRED?)
Yes; this makes it look possible - I am pretty sure it is not portable,
though, so it won't be an upstream option.
How portable is it within Linux? I just tried looking for the documentation
on it in libc.info and couldn't find anything.
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight http://www.lfix.co.uk/oliver
PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
"For whosoever will save his life shall lose it. But
whosoever will lose his life for my sake, the same
shall save it." Luke 9:24
Reply to: