Home > mailing lists

Re: changing pb_hba.conf file with pgadmin3 - Mailing list pgsql-admin

From	Rosser Schwarz
Subject	Re: changing pb_hba.conf file with pgadmin3
Date	January 14, 2014 22:47:33
Msg-id	CAFnxYwhb7e=tpQHzKyELgy=JmmNqqw7knVqz_n_BRMmE8n-j_g@mail.gmail.com Whole thread Raw
In response to	Re: changing pb_hba.conf file with pgadmin3 (Korry Douglas <korry.douglas@enterprisedb.com>)
Responses	Re: changing pb_hba.conf file with pgadmin3
List	pgsql-admin

Tree view

On Tue, Jan 14, 2014 at 11:35 AM, Korry Douglas <korry.douglas@enterprisedb.com> wrote:

pgadmin could use the new ALTER SYSTEM command (coming in 9.4)

ALTER SYSTEM is for setting (some — specifically, runtime configurable) postgresql.conf directives, not pg_hba.conf rules. See <http://www.postgresql.org/docs/devel/static/sql-altersystem.html>

Assume for a moment that you could change hba rules with ALTER SYSTEM: what happens if a malicious user were to add a "host all all 0.0.0.0/0 reject" rule? Or, perhaps worse, "host all postgres 0.0.0.0/0 trust"?

rls

--
:wq

pgsql-admin by date:

From: Erik Jones
Date: 14 January 2014, 22:39:43
Subject: Any potential race condition danger from repeated config entries?

From: Korry Douglas
Date: 14 January 2014, 23:27:57
Subject: Re: changing pb_hba.conf file with pgadmin3

Re: changing pb_hba.conf file with pgadmin3 - Mailing list pgsql-admin

Previous

Next