From: | "Drouvot, Bertrand" <bertranddrouvot(dot)pg(at)gmail(dot)com> |
---|---|
To: | Michael Paquier <michael(at)paquier(dot)xyz> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jacob Champion <jchampion(at)timescale(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Patch proposal: make use of regular expressions for the username in pg_hba.conf |
Date: | 2022-10-05 13:32:20 |
Message-ID: | f13e7161-c962-c430-e745-b3f148a2f0c2@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Hi,
On 10/5/22 9:24 AM, Michael Paquier wrote:
> Something that stood out on a first review is the refactoring of
> 001_password.pl that can be done independently of the main patch:
Good idea, thanks for the proposal.
> - test_role() -> test_conn() to be able to pass down a database name.
> - reset_pg_hba() to control the host, db and user parts. The host
> part does not really apply after moving the hosts checks to a more
> secure location, so I guess that this had better be extended just for
> the user and database, keeping host=local all the time.
> I am planning to apply 0001 attached independently,
0001 looks good to me.
> reducing the
> footprint of 0002, which is your previous patch left untouched
> (mostly!).
Thanks! I'll look at it and the comments you just made up-thread.
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2022-10-05 13:33:45 | Re: [PoC] Let libpq reject unexpected authentication requests |
Previous Message | Peter Eisentraut | 2022-10-05 13:24:31 | Re: installing static libraries (was building postgres with meson) |