On Mon, 22 Jan 2007, Bruno Wolff III wrote: > On Mon, Jan 22, 2007 at 20:25:48 +0100, > Bertram Scharpf <lists@xxxxxxxxxxxxxxxxxx> wrote: > > > > What I want to do is the following: > > > > 1. Login in from a program on a client as a particualar user. > > For this case you shouldn't need to do anything tricky as long as the user > is login in as themselves. Just prompt the user for their password and use it > when you open a connection to the database. If you are trying to have the > program login without the user being able to steal or borrow the credentials, > then you have a serious design flaw. I'm quite certain I missed the start of this thread, but just looking at the above paragraph as it stands: Design flaw? Perhaps an _incomplete_ design, but it's only a design flaw if not finished off properly. One way to do this cleanly is to use a program that has the suid bit set so it runs as the program's file owner (optionally group), and this program accesses the password and provides the database access. Richard -- Richard Troy, Chief Scientist Science Tools Corporation 510-924-1363 or 202-747-1263 rtroy@xxxxxxxxxxxxxxxx, http://ScienceTools.com/
