Is this a TODO here, perhaps dumping authentication from tables?
---------------------------------------------------------------------------
Tom Lane wrote:
> "scott.marlowe" <scott.marlowe@ihs.com> writes:
> > since the purpose of the pg_hba.conf file is to ensure that you never
> > manage to lock yourself out of your database, might it make sense to have
> > a pg_hba table in each database that can be / will be / should be(???)
> > overidden by the pg_hba.conf file,
>
> I don't think we want user authentication driven off of actual tables.
> That would mean paying *all* the costs of backend launch before we could
> reject an invalid connection request.
>
> It might be possible to do something with a flat file as an intermediary
> between the postmaster and the tables that are the master data. We
> already do this for pg_shadow passwords, and I've been thinking of
> proposing that we add a flat file for the database name -> OID mapping
> so we could get rid of the horrid hack that is GetRawDatabaseInfo().
> Per-database flat files would be a bit messy though.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo@postgresql.org so that your
> message can get through to the mailing list cleanly
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073