Quick Links

Re: Why don't we allow DNS names in pg_hba.conf?

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	"Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Why don't we allow DNS names in pg_hba.conf?
Date:	2006-01-01 20:04:47
Message-ID:	28377.1136145887@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

"Marc G. Fournier" <scrappy(at)postgresql(dot)org> writes:
> On Sun, 1 Jan 2006, Tom Lane wrote:
>> ... I don't see a good
>> reason why we shouldn't let people use DNS names.

> Security?

Possibly, but if you're worried about that sort of attack you just don't
use DNS names in pg_hba.conf. Certainly it'd be worth putting a warning
in the manual about the risks of referring to DNS servers that aren't
directly under your control. But that doesn't seem like a reason not to
provide the feature for those who want it.

regards, tom lane

In response to

Re: Why don't we allow DNS names in pg_hba.conf? at 2006-01-01 18:50:37 from Marc G. Fournier

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	John DeSoi	2006-01-01 20:14:45	Re: Why don't we allow DNS names in pg_hba.conf?
Previous Message	Andreas Pflug	2006-01-01 20:03:00	Re: Why don't we allow DNS names in pg_hba.conf?