Skip site navigation (1) Skip section navigation (2)

Re: config files in /data

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: The Hermit Hacker <scrappy(at)hub(dot)org>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: config files in /data
Date: 2000-05-30 22:05:29
Message-ID: 3564.959724329@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
>> pg_hba should become another system table that can be modified with simple
>> SQL queries, and is modifiable (readable?) only by those with createdb
>> privileges ...

> And have it dump like pg_shadow.  Yea, I guess we could do that.

Yeah, the postmaster needs to see it as a flat file, but we could have
an update trigger like for pg_shadow.

I'm not convinced that it's cool to grant read rights on the table even
to those with createdb privileges.  ("Wow, Joe Blow is running his
database with no connection security...")  If we had a setup such that
one could only see the rows for databases one owns, it'd work.  This
could be enforced by a view, perhaps, like we do for pg_user.

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: Bruce MomjianDate: 2000-05-30 23:25:35
Subject: Re: config files in /data
Previous:From: Tom LaneDate: 2000-05-30 21:59:00
Subject: Re: secondary password files

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group