From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Josh Berkus <josh(at)agliodbs(dot)com> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: listening addresses |
Date: | 2004-03-15 19:31:57 |
Message-ID: | 200403151931.i2FJVvI19823@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
Josh Berkus wrote:
> Andrew, Tom:
>
> This will be a really nice feature for those of us with PG servers that
> participate in VPNs. Currently I'm blocking certain interfaces using
> pg_hba.conf but would prefer a "listen" address instead.
>
> Of course, the drawback to this is that confused DBAs will have their
> pg_hba.conf conflict with their postgresql.conf, and cut off all access to
> the DB. But I don't know how we can protect against that.
>
> Might I suggest that this default to "127.0.0.1" in postgresql.conf.sample?
> This is a reasonably safe default, and would allow us to use the same default
> for Windows as for other OSes. It would also eliminate about 15% of the
> questions I get on a weekly basis from PHP users. ("uncomment the line
> tcpip_sockets ...").
>
> If I had time, I would also love to see setting the password for the postgres
> user become part of the initdb script. However, I can see that this wouldn't
> work with packages.
Why couldn't we do something where we ask for a password only if stdin
is from a terminal?
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2004-03-15 19:39:02 | Re: listening addresses |
Previous Message | Bruce Momjian | 2004-03-15 19:22:32 | WAL write of full pages |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2004-03-15 19:39:02 | Re: listening addresses |
Previous Message | Korea PostgreSQL Users' Group | 2004-03-15 19:02:17 | xlog.c timezone name size |