Quick Links

Thoughts on pg_hba.conf rejection

From:	Simon Riggs <simon(at)2ndQuadrant(dot)com>
To:	pgsql-hackers(at)postgresql(dot)org
Subject:	Thoughts on pg_hba.conf rejection
Date:	2010-04-07 10:51:52
Message-ID:	1270637512.24910.6695.camel@ebony
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

When there is a specific reject rule, why does the server say

FATAL: no pg_hba.conf entry

That sounds like an administrative error, rather than a specific
decision on the part of an admin to reject the connection. Suggested
message would be

FATAL: connection rejected for host "xxx", user "xxxx", database "xxx"

Clearly needs to be secure. Does the second message give any information
to a would-be hacker than the first? I don't think so, but it certainly
helps an admin work out if they've missed something.

--
Simon Riggs www.2ndQuadrant.com

Responses

Re: Thoughts on pg_hba.conf rejection at 2010-04-07 14:46:14 from Tom Lane
Re: Thoughts on pg_hba.conf rejection at 2010-04-07 16:53:35 from Josh Berkus

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Heikki Linnakangas	2010-04-07 10:59:42	Re: Quoting in recovery.conf
Previous Message	Magnus Hagander	2010-04-07 10:31:22	Re: Win32 timezone matching