Home > mailing lists

Thoughts on pg_hba.conf rejection - Mailing list pgsql-hackers

From	Simon Riggs
Subject	Thoughts on pg_hba.conf rejection
Date	April 7, 2010 10:52:09
Msg-id	1270637512.24910.6695.camel@ebony Whole thread Raw
Responses	Re: Thoughts on pg_hba.conf rejection (Tom Lane <tgl@sss.pgh.pa.us>) Re: Thoughts on pg_hba.conf rejection (Josh Berkus <josh@agliodbs.com>)
List	pgsql-hackers

Tree view

When there is a specific reject rule, why does the server say 

FATAL:  no pg_hba.conf entry

That sounds like an administrative error, rather than a specific
decision on the part of an admin to reject the connection. Suggested
message would be

FATAL: connection rejected for host "xxx", user "xxxx", database "xxx"

Clearly needs to be secure. Does the second message give any information
to a would-be hacker than the first? I don't think so, but it certainly
helps an admin work out if they've missed something.

-- Simon Riggs           www.2ndQuadrant.com

pgsql-hackers by date:

From: Magnus Hagander
Date: 07 April 2010, 10:31:34
Subject: Re: Win32 timezone matching

From: Heikki Linnakangas
Date: 07 April 2010, 11:00:02
Subject: Re: Quoting in recovery.conf

Thoughts on pg_hba.conf rejection - Mailing list pgsql-hackers

Previous

Next