I wrote: > Robert Haas <robertmh...@gmail.com> writes: >> On Wed, Apr 14, 2010 at 4:24 PM, Aidan Van Dyk <ai...@highrise.ca> wrote: >>> I think it sort of just died. I'm in favour of making sure we don't >>> give out any extra information, so if the objection to the message is >>> simply that "no pg_hba.conf entry" is "counterfactual" when there is an >>> entry rejecting it, how about: >>> "No pg_hba.conf authorizing entry" >>> >>> That's no longer counter-factual, and works for both no entry, and a >>> rejecting entry...
>> That works for me. > It needs copy-editing. Maybe > no pg_hba.conf entry allows access for host ... user ... Actually, on reflection, I'm not sure that these suggestions really do anything for the "counter-factual" complaint. The case where you'd normally use an explicit REJECT entry is where you're REJECTing some limited case in an entry that is before a wider-scope entry that would accept it. So it doesn't seem entirely accurate to say that there is no pg_hba.conf entry that would accept the connection. There is one but it's not the one we chose. I'm thinking there isn't anything much we can do here without using a different message wording for a match to a REJECT entry. So it's a straight-up tradeoff of possible security information leakage against whether a different wording is really helpful to the admin. Both of those seem like fairly marginal concerns, really, so I'm having a hard time deciding which one ought to win. But given that nobody complained before this, is it worth changing? regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers