Steve Langasek wrote: >> In case anyone should ask why the server cannot authenticate directly, >> communication between front- and back-ends is done through a Unix socket >> and therefore it is not possible for the back-end to know the identity >> of the user at the front-end. The only options for Unix socket access >> are password-protection or trust (that is, a completely open database). > >... ... [code] ... > >This works for Unix sockets under Linux 2.2 and Linux 2.4, at least. I don't >know how portable the interface is beyond that, and lack of portability might >prevent upstream from adopting it. It would be interesting to see this as an >option for Debian, though. (Does Hurd implement SO_PEERCRED?) Yes; this makes it look possible - I am pretty sure it is not portable, though, so it won't be an upstream option.
How portable is it within Linux? I just tried looking for the documentation on it in libc.info and couldn't find anything. -- Oliver Elphick [EMAIL PROTECTED] Isle of Wight http://www.lfix.co.uk/oliver PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47 GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C ======================================== "For whosoever will save his life shall lose it. But whosoever will lose his life for my sake, the same shall save it." Luke 9:24