On Sun, 10 Nov 2002, David Everly wrote: > > Does SQL-Ledger support using the following pg_hba.conf with > PostgreSQL? > > local all ident sameuser > host all 127.0.0.1 255.0.0.0 ident sameuser > host all 0.0.0.0 0.0.0.0 reject > > I'm running everything all on the same machine, but cannot make it work > with this setting. > > It does work when I replace "ident sameuser" with "password".
Unless you control the machine, "ident sameuser" is little different from "trust." The user the account's being accessed by, according to ident, is the account owning the socket - the web server. If the webserver can access the data by "ident sameuser" then everyone who can create executable content - CGI, PHP, JSP etc can too. Even in different virtual hosts. -- Cheers John. Please, no off-list mail. You will fall foul of my spam treatment. Join the "Linux Support by Small Businesses" list at http://mail.computerdatasafe.com.au/mailman/listinfo/lssb
