Re: Recognizing superuser in pg_hba.conf
| От | Tom Lane |
|---|---|
| Тема | Re: Recognizing superuser in pg_hba.conf |
| Дата | |
| Msg-id | 23935.1577556451@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Recognizing superuser in pg_hba.conf (Vik Fearing <vik.fearing@2ndquadrant.com>) |
| Ответы |
Re: Recognizing superuser in pg_hba.conf
|
| Список | pgsql-hackers |
Vik Fearing <vik.fearing@2ndquadrant.com> writes:
> It can sometimes be useful to match against a superuser in pg_hba.conf.
Seems like a reasonable desire.
> Adding another keyword can break backwards compatibility, of course. So
> that is an issue that needs to be discussed, but I don't imagine too
> many people are using role names "superuser" and "nonsuperuser". Those
> who are will have to quote them.
I'm not very happy about the continuing creep of pseudo-reserved database
and user names in pg_hba.conf. I wish we'd adjust the notation so that
these keywords are syntactically distinct from ordinary names. Given
the precedent that "+" and "@" prefixes change what an identifier means,
maybe we could use "*" or some other punctuation character as a keyword
prefix? We'd have to give grandfather exceptions to the existing
keywords, at least for a while, but we could say that new ones won't be
recognized without the prefix.
regards, tom lane
В списке pgsql-hackers по дате отправления: