Chris Green <cmg@uab.edu> writes:
> For local users, is there anyway to have users only be able to connect
> to the postmaster as the name associated with their current uid?
You could use ident authentication with the 'sameuser' restriction,
ie
host all 127.0.0.1 255.255.255.255 ident sameuser
You have to be running an identd daemon, and you have to tell your
users to connect to host localhost instead of the default Unix-socket
connection. (AFAIK, ident doesn't work with Unix-socket connections.)
Setting PGHOST=localhost in the user environment is a fairly painless
answer to the latter problem though.
regards, tom lane