Re: MySQL interview, no mention of PostgreSQL

Robert Treat wrote:
> On Fri, 2003-10-17 at 07:23, Bruce Momjian wrote:
> > Neil Conway wrote:
> > > On Thu, 2003-10-16 at 12:54, Josh Berkus wrote:
> > > > While one could write  a utility in Postgres to create/process the file, the
> > > > "live" version of pg_hba.conf *must* be outside the database.   If our ACL
> > > > was in the database, then how would we know who has the rights to read the
> > > > ACL?
> > >
> > > I don't see why this is a show-stopping problem. Can you elaborate?
> >
> > We don't want to fire up a backend until we know this is a valid user.
> > You could easily bring a server to a standstill by just sending false
> > connection requests.  Sure, you can still do that by flooding the
> > machine, but a database lookup is significantly more expensive than
> > checking a connection packet.
>
> <devils advocate>
> why not hav a guc available in postgresql.conf that switches
> authentication from a pg_hba.conf file to a pg_hba table inside the
> database? this would allow people to choose a database based
> authentication scheme if their willing to shoulder the "risks" involved,
> and would prevent database lockout since you could always flip the guc
> and restart the database to authenticate against the file to allow
> admins back into the system
> </devils advocate>

I guess we could do it, but more easily we could dump a table to the
output file pg_hba.conf just like we do for pg_pwd and pg_group now.
It could be a global table like pg_shadow and pg_group.  Of course, you
have the problem of getting the database started to modify the table.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073