Skip site navigation (1) Skip section navigation (2)

Re: pg_hba.conf: samehost and samenet [REVIEW]

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: stef(at)memberwebs(dot)com
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, Abhijit Menon-Sen <ams(at)toroid(dot)org>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: pg_hba.conf: samehost and samenet [REVIEW]
Date: 2009-09-23 18:30:34
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter <stef-list(at)memberwebs(dot)com> wrote:
> Currently people are adding to a default pg_hba.conf file in
> order to allow access from nearby machines, without running into the
> maintenance problems of hard coding IP addresses. However using
> is clearly suboptimal from a security perspective.

If people aren't willing to take the time (5 minutes?) to create an
hba.conf file that implements a reasonable security policy, I'm not
sure anything we can do - and certainly not this - is going to help
very much.  I haven't really looked at this patch, but how confident
are we that this is actually portable?  It would be a shame to spend a
lot of time and energy troubleshooting portability problems with a
feature that - IMO - has a fairly marginal use case to begin with.

In response to


pgsql-hackers by date

Next:From: Hans-Juergen Schoenig -- PostgreSQLDate: 2009-09-23 18:53:54
Subject: Re: SELECT ... FOR UPDATE [WAIT integer | NOWAIT] for 8.5
Previous:From: David E. WheelerDate: 2009-09-23 18:29:17
Subject: Re: Unicode Normalization

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group