| From: | Jim Mercer <jim(at)reptiles(dot)org> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org, pgsql-hackers(at)postgresql(dot)org |
| Subject: | pgsql/php3/apache authentication |
| Date: | 2000-04-26 17:22:11 |
| Message-ID: | 20000426132210.T24479@reptiles.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
ok, so i have pg-7.0, apache 1.3.12 and php3 installed on a server.
i'm having difficulty coming up with an appropriate security model to cover
off what i want to do:
- queries via localhost (unix domain sockets) should assume that the pg_user
is the same as the unix user running the process.
- queries via tcp sockets should require a valid pg_user and password
the second is easy enough to facilitate.
the first i haven't been able to figure out.
with a pg_hba.conf entry of "local trust", the user can override their identity
and do anything they want.
with a pg_hba.conf entry of "local password" the user is forced to enter their
password every time. this wouldn't work very well with scripts in crontabs.
am i missing something here?
--
[ Jim Mercer jim(at)reptiles(dot)org +1 416 506-0654 ]
[ Reptilian Research -- Longer Life through Colder Blood ]
[ Don't be fooled by cheap Finnish imitations; BSD is the One True Code. ]
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 2000-04-26 17:26:36 | Re: Rounding/create C function question |
| Previous Message | Ed Loehr | 2000-04-26 16:59:46 | Re: Revisited: Transactions, insert unique. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2000-04-27 08:02:32 | Re: [HACKERS] pgsql/php3/apache authentication |
| Previous Message | Peter Eisentraut | 2000-04-21 22:06:46 | Re: [HACKERS] Re: Join/table alias bug |