| From: | Simon Riggs <simon(at)2ndQuadrant(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Thoughts on pg_hba.conf rejection |
| Date: | 2010-04-07 10:51:52 |
| Message-ID: | 1270637512.24910.6695.camel@ebony |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
When there is a specific reject rule, why does the server say
FATAL: no pg_hba.conf entry
That sounds like an administrative error, rather than a specific
decision on the part of an admin to reject the connection. Suggested
message would be
FATAL: connection rejected for host "xxx", user "xxxx", database "xxx"
Clearly needs to be secure. Does the second message give any information
to a would-be hacker than the first? I don't think so, but it certainly
helps an admin work out if they've missed something.
--
Simon Riggs www.2ndQuadrant.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Heikki Linnakangas | 2010-04-07 10:59:42 | Re: Quoting in recovery.conf |
| Previous Message | Magnus Hagander | 2010-04-07 10:31:22 | Re: Win32 timezone matching |