Re: Recognizing superuser in pg_hba.conf

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Vik Fearing <vik(dot)fearing(at)2ndquadrant(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Andrew Gierth <andrew(at)tao11(dot)riddles(dot)org(dot)uk>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: Recognizing superuser in pg_hba.conf
Date: 2020-01-09 16:36:38
Message-ID: 20200109163637.GS3195@tamriel.snowman.net
Lists: pgsql-hackers

Greetings,

* Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
> But, again, we already *have* a way of solving this problem: use
> quotes. As Simon pointed out, your proposed solution isn't really a
> solution at all, because & can appear in role names. It probably
> won't, but there probably also won't be a role name that matches
> either of these keywords, so it's just six of one, half a dozen of the
> other. The thing that really solves it is quoting.

I really just can't agree with the idea that:

"&superuser"

and

&superuser

in pg_hba.conf should mean materially different things and have
far-reaching security differences. Depending on quoting in pg_hba.conf for
this distinction is an altogether bad idea.

> Now I admit that if we decide pg_hba.conf keywords have to start with
> "pg_" and prevent names beginning with "pg_" from being used as object
> names, then we'd have TWO ways of distinguishing between a keyword and
> an object name. But I don't think TMTOWTDI is the right design
> principle here.

There is a *really* big difference here though which makes this not "two
ways to do the same thing"- you *can't* create a user starting with
"pg_". You *can* create a user with an '&' in it. If we prevented you
from being able to create users with '&' in it then I'd be more open to
the idea of using '&' to mean something special in pg_hba, and then it
really would be two different ways to do the same thing, but that's not
actually what's being proposed here.

Thanks,

Stephen
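
Added example, not part of the original message and not PostgreSQL source: a simplified Python model of the distinction argued above, showing which roles a pg_hba.conf user field would admit when the keyword is quoted versus unquoted. The keyword spelling `pg_superuser`, the function names and the sample catalog are assumptions constructed for illustration.

```python
# Added illustration (not PostgreSQL source): a simplified model of how a
# pg_hba.conf user field resolves under the two keyword spellings debated here.

RESERVED_PREFIX = "pg_"  # CREATE ROLE rejects names with this prefix


def create_role(roles, name, superuser=False):
    """Add a role to the constructed catalog, enforcing the reserved prefix."""
    if name.startswith(RESERVED_PREFIX):
        raise ValueError(f'role name "{name}" is reserved')
    roles[name] = superuser


def read_token(field):
    """Return (text, quoted) the way a quote-aware pg_hba.conf reader would."""
    if len(field) >= 2 and field.startswith('"') and field.endswith('"'):
        return field[1:-1], True
    return field, False


def matched_roles(field, keyword, roles):
    """Roles a user field admits: the unquoted keyword means every superuser;
    anything else (including the quoted keyword) is a literal role name."""
    text, quoted = read_token(field)
    if text == keyword and not quoted:
        return {name for name, is_super in roles.items() if is_super}
    return {text} if text in roles else set()


def quoting_changes_access(keyword, roles):
    """True when quoted and unquoted spellings both admit someone, but not the
    same set, i.e. two quote characters silently change who gets in."""
    bare = matched_roles(keyword, keyword, roles)
    quoted = matched_roles(f'"{keyword}"', keyword, roles)
    return bool(bare) and bool(quoted) and bare != quoted


def demo_catalog():
    """Constructed sample catalog: one superuser plus one oddly named role."""
    roles = {}
    create_role(roles, "postgres", superuser=True)
    create_role(roles, "&superuser")  # legal: '&' is allowed in role names
    return roles


if __name__ == "__main__":
    roles = demo_catalog()
    for kw in ("&superuser", "pg_superuser"):  # second spelling is hypothetical
        print(kw, quoting_changes_access(kw, roles))
```

With the `&` spelling, the quoted and unquoted fields admit different, non-empty sets of roles; with a reserved `pg_` spelling, the quoted form can never name a real role, so the two readings cannot collide.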
