| From: | Terje Elde <terje(at)elde(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "hv(at)tbz-pariv(dot)de" <hv(at)tbz-pariv(dot)de>, "pgsql-bugs(at)postgresql(dot)org" <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Re: BUG #8375: pg_hba.conf: Include_dir like in postgresql.conf |
| Date: | 2013-08-08 15:58:05 |
| Message-ID: | 23925602-7657-4A80-A010-3CAF69CC9286@elde.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On 8. aug. 2013, at 14:39, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> This doesn't seem like a remarkably good idea from here, mainly because
> entries in pg_hba.conf are critically order-dependent. Dropping random
> entries into a conf.d-like directory could produce unexpected results
> --- and in this case, "unexpected result" probably means "security
> failure".
Don't mean to spark or fuel any major discussion on this, but other than seconding that, I'd like to add in that if you need anything that advanced, chances are that you should either look at simplifying (wildcard usernames, etc), look at other authentication-systems (PAM), or set up a build-sytem for pg_hba.
Terje
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kevin Grittner | 2013-08-08 18:18:22 | Re: How to avoid Force Autovacuum |
| Previous Message | Tom Lane | 2013-08-08 12:39:21 | Re: BUG #8375: pg_hba.conf: Include_dir like in postgresql.conf |