| From: | "A(dot) Kretschmer" <andreas(dot)kretschmer(at)schollglas(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: access and security |
| Date: | 2006-10-30 12:52:41 |
| Message-ID: | 20061030125241.GC7666@a-kretschmer.de |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
am Mon, dem 30.10.2006, um 13:34:34 +0100 mailte Andrew Kelly folgendes:
> Hi all,
>
> please forgive a (likely) less than clever question.
>
> Are the barriers provided by pg_hba.conf enough from a security
> standpoint, or is it best to put up some iptable rules duplicating the
> restrictions?
Of cource, you can define rules for iptables to prevent access to your
database. But consider, this rules obtain for the entire
database-cluster. With pg_hba.conf you can define different permissions
for different databases.
If you need this, than you can't use iptables for this.
Andreas
--
Andreas Kretschmer
Kontakt: Heynitz: 035242/47215, D1: 0160/7141639 (mehr: -> Header)
GnuPG-ID: 0x3FFF606C, privat 0x7F4584DA http://wwwkeys.de.pgp.net
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Richard Broersma Jr | 2006-10-30 12:55:03 | Re: postgresql books and convertion utilities |
| Previous Message | Andrew Kelly | 2006-10-30 12:34:34 | access and security |