Re: PG vs MySQL

"scott.marlowe" <scott.marlowe@ihs.com> writes:
> since the purpose of the pg_hba.conf file is to ensure that you never
> manage to lock yourself out of your database, might it make sense to have
> a pg_hba table in each database that can be / will be / should be(???)
> overidden by the pg_hba.conf file,

I don't think we want user authentication driven off of actual tables.
That would mean paying *all* the costs of backend launch before we could
reject an invalid connection request.

It might be possible to do something with a flat file as an intermediary
between the postmaster and the tables that are the master data.  We
already do this for pg_shadow passwords, and I've been thinking of
proposing that we add a flat file for the database name -> OID mapping
so we could get rid of the horrid hack that is GetRawDatabaseInfo().
Per-database flat files would be a bit messy though.

            regards, tom lane