On Wed, Apr 7, 2010 at 10:46 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Simon Riggs <simon@2ndQuadrant.com> writes:
>> When there is a specific reject rule, why does the server say
>> FATAL: no pg_hba.conf entry
>
> It's intentional. We try to expose the minimum amount of knowledge
> about the contents of pg_hba.conf to potential attackers.
>
i just tried it in CVS and in 8.4 and when i put a reject rule on
pg_hba.conf what i get is:
psql: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "mic",
database "mic"
so we are giving a lot of info already changing "no pg_hba.conf entry"
for "connection rejected" doesn't seem like a lot more and the change
could be useful for a DBA understanding what happens
--
Atentamente,
Jaime Casanova
Soporte y capacitación de PostgreSQL
Asesoría y desarrollo de sistemas
Guayaquil - Ecuador
Cel. +59387171157
