Re: Restricting Postgres

> These are CGI scripts at the lowest level, nothing more and nothing
> less.  While I could probably embed a small webserver directly into
> the perl scripts and run that as a daemon, it would take away the
> portability that the scripts currently offer.

If they're CGI *scripts* then they just use the CGI environment, not
Apache, so a daemon that accepts the inbound connections, then compiles
the scripts a-la Apache::Registry, but puts each in a separate thread
would be, er, relatively easy for someone better at multithreaded stuff
than me.

>
> This should be my last question on the matter, does squid report the
> proper IP address of the client themselves?    That's a critical
> requirement for the scripts.
>
In the X-Forwarded-For header.  Not that you can be sure you're seeing
the true client IP anyway if they've gone through an ISP proxy beforehand.