| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Gevik Babakhani <pgdev(at)xs4all(dot)nl> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Subject: | Re: TODO Item: ACL_CONNECT |
| Date: | 2006-04-24 13:02:07 |
| Message-ID: | 20060424130206.GA13533@surnet.cl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Gevik Babakhani wrote:
> To my surprise the code you described above was already there :)
> function aclchk.c:pg_database_aclmask:1696
Sure, that sort of was my point :-)
> If the above is okay and correct. Then I guess for simple systems one
> could only enter the line below in pg_hba.conf
> "host/hostssel all all (whatever IP) (whatever option)"
Ok, good. This is what people was aiming for initially, I hope. What
do people think, particularly those who wanted to manage pg_hba.conf via
SQL commands?
> New test patch:
> http://www.xs4all.nl/~gevik/patch/patch-0.2.diff
Without looking at the surrounding code, I'm a bit wary of the fact that
in ReverifyMyDatabase, pg_database_aclcheck is called with GetUserId()
but the error message is emitted with the user_name that was passed as
parameter instead. The inconsistency could prove painful in the future;
maybe it's OK, but if it is, you should declare it in the surrounding
comments.
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gevik Babakhani | 2006-04-24 14:05:36 | Re: TODO Item: ACL_CONNECT |
| Previous Message | Magnus Hagander | 2006-04-24 13:01:51 | Re: Regression error on float8 |