| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Michael Fork <mfork(at)toledolink(dot)com> |
| Cc: | PostgresSQL mailing list <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Trying to build 7.0.3 on SCO 5.0.4 |
| Date: | 2000-11-21 21:07:51 |
| Message-ID: | 2922.974840871@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Michael Fork <mfork(at)toledolink(dot)com> writes:
> However, these lines are in pg_hba.conf, which in my opinion needs should
> have a disclaimer in big letters as to exactly the security hole it
> creates.
>
> #host all 192.168.54.1 255.255.255.255 reject
> #host all 0.0.0.0 0.0.0.0 trust
> #
> # The above would allow anyone anywhere except from 192.168.54.1 to
> # connect to any database under any username.
Well, it does *say* that, but maybe the letters aren't blinking red ;-)
There's no real good reason to use such a damn-fool configuration as
an example anyway, so I've modified the example to show Kerberos
authentication allowed from anywhere. Better?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Smith | 2000-11-21 21:52:13 | Re: Trying to build 7.0.3 on SCO 5.0.4 |
| Previous Message | Robert D. Nelson | 2000-11-21 21:07:00 | RE: Trying to build 7.0.3 on SCO 5.0.4 |