Re: BUG #8375: pg_hba.conf: Include_dir like in postgresql.conf - Mailing list pgsql-bugs

From Terje Elde
Subject Re: BUG #8375: pg_hba.conf: Include_dir like in postgresql.conf
Date
Msg-id 23925602-7657-4A80-A010-3CAF69CC9286@elde.net
Whole thread Raw
In response to Re: BUG #8375: pg_hba.conf: Include_dir like in postgresql.conf  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-bugs
On 8. aug. 2013, at 14:39, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> This doesn't seem like a remarkably good idea from here, mainly because
> entries in pg_hba.conf are critically order-dependent.  Dropping random
> entries into a conf.d-like directory could produce unexpected results
> --- and in this case, "unexpected result" probably means "security
> failure".

Don't mean to spark or fuel any major discussion on this, but other than sec=
onding that, I'd like to add in that if you need anything that advanced, cha=
nces are that you should either look at simplifying (wildcard usernames, etc=
), look at other authentication-systems (PAM), or set up a build-sytem for p=
g_hba.=20

Terje

pgsql-bugs by date:

Previous
From: Mitali Rajendra Dalvi
Date:
Subject: Regarding postgre slow query response with pgp_sym_decrypt
Next
From: selhelou@ca.ibm.com
Date:
Subject: BUG #8378: JDBC driver DatabaseMetaData.getCatalogTerm returns "database" rather than null or empty string