From: | Lincoln Yeoh <lylyeoh(at)mecomb(dot)com> |
---|---|
To: | Jim Mercer <jim(at)reptiles(dot)org>, Jan Wieck <wieck(at)debis(dot)com> |
Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-general(at)postgresql(dot)org, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Re: [HACKERS] pgsql/php3/apache authentication |
Date: | 2000-04-28 01:12:13 |
Message-ID: | 3.0.5.32.20000428091213.0091a8c0@pop.mecomb.po.my |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-hackers |
At 02:58 PM 27-04-2000 -0400, Jim Mercer wrote:
>On Thu, Apr 27, 2000 at 11:17:39AM +0200, Jan Wieck wrote:
>> [Charset iso-8859-1 unsupported, filtering to ASCII...]
>> > On Wed, 26 Apr 2000, Jim Mercer wrote:
>> >
>> > > - queries via localhost (unix domain sockets) should assume that the
pg_user
>> > > is the same as the unix user running the process.
>> >
>> > There's no way for the server to determine the system user name of the
>> > other end of a domain socket; at least no one has implemented one yet. So
>> > essentially this isn't going to work.
>
>given that, i'm looking at changing things so that i use:
>
>local all password
>host all 127.0.0.1 255.255.255.255 ident sameuser
>
>this will force all connections through the unix domain socket to need a
>password.
>
>it will allow unfettered access if the launching process is owned by
>a valid pg_user.
I always thought ident services should be grouped with fortune cookie
services and so on :). But, since it's localhost it could work.
>is there a performance penalty associated with forcing the bulk of my
>processing through the loopback, as opposed to the unix domain socket?
I believe there's a bit more latency but it could be about a millisecond or
less.
You could always do some benchmarks. e.g. time 1000 queries which return
lots of data.
Cheerio,
Link.
From | Date | Subject | |
---|---|---|---|
Next Message | Jan Wieck | 2000-04-28 01:52:37 | Re: Re: [HACKERS] pgsql/php3/apache authentication |
Previous Message | Jan Wieck | 2000-04-28 00:57:45 | Re: referencial integrity constraint bug in version 7.0 beta 5 |
From | Date | Subject | |
---|---|---|---|
Next Message | Jan Wieck | 2000-04-28 01:52:37 | Re: Re: [HACKERS] pgsql/php3/apache authentication |
Previous Message | Jim Mercer | 2000-04-27 18:58:47 | Re: [HACKERS] pgsql/php3/apache authentication |