Tom Lane <tgl@sss.pgh.pa.us> writes:
> Doug McNaught <doug@wireboard.com> writes:
> > Tom Lane <tgl@sss.pgh.pa.us> writes:
> >> Perhaps do it across a local TCP connection and use ident to verify?
>
> > And if you think this is somehow more secure than trusting Unix
> > sockets, I have a bridge to sell you... ;)
>
> Why? It's your own ident daemon you're trusting, not a remote one.
I agree that is somewhat better, but it still makes my skin crawl. ;)
Some Unices (eg Linux) will honor permissions and ownership on Unix
sockets; I'd much prefer to use that mechanism if it's available.
-Doug