Home > mailing lists

Re: pg_hba.conf alternative - Mailing list pgsql-hackers

From	Andrew Dunstan
Subject	Re: pg_hba.conf alternative
Date	February 9, 2006 16:27:24
Msg-id	43EB7B76.9000004@dunslane.net Whole thread Raw
In response to	Re: pg_hba.conf alternative (korry <korry@starband.net>)
Responses	Re: pg_hba.conf alternative (korry <korry@starband.net>)
List	pgsql-hackers

Tree view

korry wrote:

>>Since what he is worried about is the ability of admins to get at the
>>data by connecting to the postgres server (after changing pg_hba.conf),
>>this will not make the slightest difference - the data would be
>>decrypted before it ever got to the intruder.
>>    
>>
>
>I was suggesting that pg_hba.conf could be stored in the same encrypting 
>filesystem.
>
>
>  
>

Then how can it be changed? What if you need to allow access from, say, 
another user or another network? Oh, the admins have to change it ...

In the end you have to trust your admins or fire them and hire some you 
do trust.

cheers

andrew

pgsql-hackers by date:

From: Martijn van Oosterhout
Date: 09 February 2006, 16:18:44
Subject: Re: User Defined Types in Java

From: Tom Lane
Date: 09 February 2006, 16:28:48
Subject: Re: User Defined Types in Java

Re: pg_hba.conf alternative - Mailing list pgsql-hackers

Previous

Next