Home > mailing lists

Re: host name support in pg_hba.conf - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: host name support in pg_hba.conf
Date	August 9, 2010 19:29:58
Msg-id	20100809192949.GB26232@tamriel.snowman.net Whole thread Raw
In response to	Re: host name support in pg_hba.conf ("Kevin Grittner" <Kevin.Grittner@wicourts.gov>)
List	pgsql-hackers

Tree view

* Kevin Grittner (Kevin.Grittner@wicourts.gov) wrote:
> > The client's IP address (known from the kernel)
>
> Some machines have several IP addresses; how is that handled?

Sounds like he already described it, or I read it wrong.  The fact that
some machines have several IP addresses hardly matters- whatever IP is
used to connect to PG is what gets the reverse DNS lookup.  That then
returns a host.  That host is then looked up, and as long as *one* of
the IPs associated with that host matches the IP of the connector, it's
good to go.

> > is reverse looked up, which results in a host name.
>
> Some IP addresses have several host names, including in reverse
> lookup; how is that handled?

Yeahhhh...  That's just busted, imnsho.  But then, that's probably
because it breaks Kerberos too. :)
Thanks,
    Stephen

pgsql-hackers by date:

From: Markus Wanner
Date: 09 August 2010, 19:28:41
Subject: Re: dynamically allocating chunks from shared memory

From: Robert Haas
Date: 09 August 2010, 20:02:21
Subject: Re: security label support, part.2

Re: host name support in pg_hba.conf - Mailing list pgsql-hackers

Previous

Next