Skip site navigation (1) Skip section navigation (2)

Re: Why don't we allow DNS names in pg_hba.conf?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Why don't we allow DNS names in pg_hba.conf?
Date: 2006-01-01 20:04:47
Message-ID: 28377.1136145887@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
"Marc G. Fournier" <scrappy(at)postgresql(dot)org> writes:
> On Sun, 1 Jan 2006, Tom Lane wrote:
>> ... I don't see a good
>> reason why we shouldn't let people use DNS names.

> Security?

Possibly, but if you're worried about that sort of attack you just don't
use DNS names in pg_hba.conf.  Certainly it'd be worth putting a warning
in the manual about the risks of referring to DNS servers that aren't
directly under your control.  But that doesn't seem like a reason not to
provide the feature for those who want it.

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: John DeSoiDate: 2006-01-01 20:14:45
Subject: Re: Why don't we allow DNS names in pg_hba.conf?
Previous:From: Andreas PflugDate: 2006-01-01 20:03:00
Subject: Re: Why don't we allow DNS names in pg_hba.conf?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group