Re: Thoughts on pg_hba.conf rejection
| От | Jaime Casanova |
|---|---|
| Тема | Re: Thoughts on pg_hba.conf rejection |
| Дата | |
| Msg-id | y2l3073cc9b1004070841y752f7366w7df999a6909ab3fc@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Thoughts on pg_hba.conf rejection (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Thoughts on pg_hba.conf rejection
|
| Список | pgsql-hackers |
On Wed, Apr 7, 2010 at 10:46 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Simon Riggs <simon@2ndQuadrant.com> writes: >> When there is a specific reject rule, why does the server say >> FATAL: no pg_hba.conf entry > > It's intentional. We try to expose the minimum amount of knowledge > about the contents of pg_hba.conf to potential attackers. > i just tried it in CVS and in 8.4 and when i put a reject rule on pg_hba.conf what i get is: psql: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "mic", database "mic" so we are giving a lot of info already changing "no pg_hba.conf entry" for "connection rejected" doesn't seem like a lot more and the change could be useful for a DBA understanding what happens -- Atentamente, Jaime Casanova Soporte y capacitación de PostgreSQL Asesoría y desarrollo de sistemas Guayaquil - Ecuador Cel. +59387171157
В списке pgsql-hackers по дате отправления: