| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com> |
| Cc: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Mike Nolan <nolan(at)gw(dot)tssi(dot)com>, "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>, Alex <alex(at)meerkatsoft(dot)com>, Frank Finner <postgresql(at)finner(dot)de>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: PG vs MySQL |
| Date: | 2004-03-29 20:54:04 |
| Message-ID: | 8603.1080593644@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
"scott.marlowe" <scott(dot)marlowe(at)ihs(dot)com> writes:
> since the purpose of the pg_hba.conf file is to ensure that you never
> manage to lock yourself out of your database, might it make sense to have
> a pg_hba table in each database that can be / will be / should be(???)
> overidden by the pg_hba.conf file,
I don't think we want user authentication driven off of actual tables.
That would mean paying *all* the costs of backend launch before we could
reject an invalid connection request.
It might be possible to do something with a flat file as an intermediary
between the postmaster and the tables that are the master data. We
already do this for pg_shadow passwords, and I've been thinking of
proposing that we add a flat file for the database name -> OID mapping
so we could get rid of the horrid hack that is GetRawDatabaseInfo().
Per-database flat files would be a bit messy though.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | scott.marlowe | 2004-03-29 21:22:20 | Re: PG vs MySQL |
| Previous Message | Bruno Wolff III | 2004-03-29 20:44:10 | Re: Interval constant syntax, was Re: Interval & check clause |