> But the pg_shadow authentication is based on credentials
> provided by the
> client whereas what you propose here would run on the server, so this
> doesn't make sense.
Since you can write extensions to PostgreSQL that reach far into the OS,
it does make sense to execute those extensions und
Zeugswetter Andreas SB writes:
> Imho it is fine to get rid of the usesysid in our internal
> authorization system, but we should not get rid of the only field that
> can tie a db user to an os user. Imho we should not do a "by name"
> lookup and eliminate the field.
Um, well, the only possible
