Jaime Casanova <jcasanov@systemguards.com.ec> writes:
> On Wed, Apr 7, 2010 at 10:46 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> It's intentional. We try to expose the minimum amount of knowledge
>> about the contents of pg_hba.conf to potential attackers.
> i just tried it in CVS and in 8.4 and when i put a reject rule on
> pg_hba.conf what i get is:
> psql: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "mic",
> database "mic"
> so we are giving a lot of info already
All three of those data values are known to the client; they don't add
knowledge about what is in pg_hba.conf.
regards, tom lane