Re: Synchronous replication patch v1
| От | Heikki Linnakangas |
|---|---|
| Тема | Re: Synchronous replication patch v1 |
| Дата | |
| Msg-id | 49106F8D.9060204@enterprisedb.com обсуждение исходный текст |
| Ответ на | Re: Synchronous replication patch v1 ("Fujii Masao" <masao.fujii@gmail.com>) |
| Ответы |
Re: Synchronous replication patch v1
|
| Список | pgsql-hackers |
Fujii Masao wrote: > On Fri, Oct 31, 2008 at 11:12 PM, Heikki Linnakangas > <heikki.linnakangas@enterprisedb.com> wrote: >> AFAICS, there's no security, at all. Anyone that can log in, can become a >> WAL sender, and receive all WAL for the whole cluster. > > One simple solution is to define the database only for replication. In > this solution, > we can handle the authentication for replication like the usual database access. > That is, pg_hba.conf, the cooperation with a database role, etc are > supported also > in replication. So, a user can set up the authentication rules easily. You mean like a pseudo database name in pg_hba.conf, and in the startup message, that actually means "connect for replication"? Yeah, something like that sounds reasonable to me. > ISTM that there> is no advantage which separates authentication for replication from the existing> mechanism. Agreed. -- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com
В списке pgsql-hackers по дате отправления: