Re: Checking pg_hba.conf in the child process
From | Bruce Momjian |
---|---|
Subject | Re: Checking pg_hba.conf in the child process |
Date | |
Msg-id | 20120224223407.GA10691@momjian.us |
In response to | Re: Checking pg_hba.conf in the child process (Alvaro Herrera <alvherre@commandprompt.com>) |
List | pgsql-hackers |
On Fri, Feb 24, 2012 at 07:27:06PM -0300, Alvaro Herrera wrote:
>
> Excerpts from Bruce Momjian's message of vie feb 24 19:19:10 -0300 2012:
> > In looking over our authentication code, I noticed that we create the
> > child process before we check any of the pg_hba.conf file. Now, I
> > realize we can't do authentication in the postmaster because of possible
> > delay, and checking the user name and database name filters is just work
> > that is better done in the child, but checking the IP address might
> > prevent unauthorized clients from causing excessive process creation on
> > the server. I know we have listen_addresses, but that defaults to "*"
> > on the click-through installers, and not everybody knows how to set up a
> > firewall.
>
> Hm, one thing to keep in mind is that we allow hostnames there. It'd be
> a pain to have postmaster hang while resolving names.

Yes, we would still need to recheck the filter in the child because of
username/dbname limits, but your point is very valid --- any use of
hostnames in pg_hba.conf would prevent us from doing IP checks.

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ It's impossible for everything to be true. +
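
The trade-off discussed in this message, as an added example that is not part of the original thread and is not PostgreSQL code: a sketch of an address-only pre-fork filter that gives up as soon as a rule needs name resolution. The function names, return values and sample files are hypothetical, and the parser is simplified (no quoted fields or include files).

```python
import ipaddress

HOST_TYPES = {"host", "hostssl", "hostnossl"}
ANY = [ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_network("::/0")]

def _is_ip(s):
    try:
        ipaddress.ip_address(s)
        return True
    except ValueError:
        return False

def parse_hba(text):
    """Return (networks, needs_dns) for host* lines that could admit a client."""
    networks, needs_dns = [], False
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # simplification: no quoted values
        if len(fields) < 5 or fields[0] not in HOST_TYPES:
            continue                            # blank, comment or "local" line
        addr, rest = fields[3], fields[4:]
        if "/" not in addr and len(rest) > 1 and _is_ip(rest[0]):
            addr, rest = f"{addr}/{rest[0]}", rest[1:]   # separate netmask column
        if rest[0] == "reject":
            continue                            # can never admit anyone
        if addr == "all":
            networks += ANY
            continue
        try:
            networks.append(ipaddress.ip_network(addr, strict=False))
        except ValueError:
            needs_dns = True    # hostname (samehost/samenet treated the same way)
    return networks, needs_dns

def prefork_decision(hba_text, client_ip):
    """'fork', 'drop', or 'needs_dns' (cannot decide without name resolution)."""
    networks, needs_dns = parse_hba(hba_text)
    ip = ipaddress.ip_address(client_ip)
    if any(ip.version == n.version and ip in n for n in networks):
        return "fork"           # the child still rechecks user/database filters
    return "needs_dns" if needs_dns else "drop"

# Constructed sample files, not taken from the thread.
NUMERIC_ONLY = """
local  all all                      peer
host   all all 127.0.0.1/32         md5
host   all all 10.0.0.0 255.0.0.0   md5
host   all all ::1/128              md5
"""
WITH_HOSTNAME = NUMERIC_ONLY + "host all all .example.com md5\n"
```

With `NUMERIC_ONLY`, an address outside every listed range is dropped before any process is created; adding the single hostname rule in `WITH_HOSTNAME` turns the same client into `needs_dns`, which is the case the reply says rules out the IP check.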