Hi, thank you for taking time to review the patch.
On Fri, Oct 31, 2008 at 11:12 PM, Heikki Linnakangas
<heikki.linnakangas@enterprisedb.com> wrote:
> Fujii Masao wrote:
>>
>> Attached is a patch for a synchronous log-shipping replication which
>> was discussed just a month ago. I would like you to review this patch
>> in Nov commit fest.
>
> Here's some first quick comments:
>
> AFAICS, there's no security, at all. Anyone that can log in, can become a
> WAL sender, and receive all WAL for the whole cluster.
One simple solution is to define the database only for replication. In
this solution,
we can handle the authentication for replication like the usual database access.
That is, pg_hba.conf, the cooperation with a database role, etc are
supported also
in replication. So, a user can set up the authentication rules easily.
ISTM that there
is no advantage which separates authentication for replication from the existing
mechanism.
How about this solution?
--
Fujii Masao
NIPPON TELEGRAPH AND TELEPHONE CORPORATION
NTT Open Source Software Center
