On Thu, 26 Sep 2002, Jim Mercer wrote:

> On Fri, Sep 27, 2002 at 11:15:35AM +1000, Gavin Sherry wrote:
> > On Thu, 26 Sep 2002, Jim Mercer wrote:
> > > > I would think so, and IMHO, that's where pgsql access control
> > > > belongs, with pgsql.
> > 
> > I totally disagree. It is a language level restriction, not a database
> > level one, so why back it into Postgres? Just parse 'conninfo' when it is 
> > pg_(p)connect() and check it against the configuration setting.
> 
> which is effectively what my code does, except i was lazy, and i let the
> connection proceed, then check if PQdb() is in the auth list, and fail

Ahh yes. I meant to say this. No point being lazy when it comes to
security.

> maybe not _totally_ secure, but much moreso than nothing.
> 

I was basically just suggesting that its effect needs to be
documented. "This needs to be used in conjunction with other forms of
security...."

Gavin
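
Added example, not part of the original thread and not Jim's patch or PHP's own code: the pre-connection check suggested above, parsing the conninfo string for `dbname` and comparing it with an allow list before any connection is made. The names `conninfo_get` and `db_allowed`, the allow list and the sample strings are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical helper: copy the value of `key` from a libpq-style conninfo
 * string into out. Returns 1 if found, 0 if absent, -1 if malformed. */
static int conninfo_get(const char *s, const char *key, char *out, size_t cap)
{
    int found = 0;
    while (*s) {
        while (isspace((unsigned char)*s)) s++;
        if (!*s) break;
        const char *k = s;
        while (*s && *s != '=' && !isspace((unsigned char)*s)) s++;
        size_t klen = (size_t)(s - k), n = 0;
        while (isspace((unsigned char)*s)) s++;
        if (*s++ != '=') return -1;            /* keyword without '=' */
        while (isspace((unsigned char)*s)) s++;
        int quoted = (*s == '\''), match;
        if (quoted) s++;
        match = (klen == strlen(key) && strncmp(k, key, klen) == 0);
        while (quoted ? *s != '\'' : (*s && !isspace((unsigned char)*s))) {
            if (!*s) return -1;                /* unterminated quote */
            if (*s == '\\' && s[1]) s++;       /* backslash escapes next char */
            if (match) { if (n + 1 >= cap) return -1; out[n++] = *s; }
            s++;
        }
        if (quoted) s++;                       /* skip closing quote */
        if (match) { out[n] = '\0'; found = 1; } /* last duplicate wins */
    }
    return found;
}

/* Hypothetical check: 1 only if conninfo names an allow-listed database.
 * A missing dbname is refused, since libpq would then apply its defaults. */
static int db_allowed(const char *conninfo, const char *const *allow, size_t n)
{
    char db[64];
    if (conninfo_get(conninfo, "dbname", db, sizeof db) != 1) return 0;
    for (size_t i = 0; i < n; i++)
        if (strcmp(db, allow[i]) == 0) return 1;
    return 0;
}

int main(void)
{
    const char *allow[] = { "webapp" };        /* constructed allow list */
    printf("%d\n", db_allowed("host=db dbname=webapp user=www", allow, 1));
    printf("%d\n", db_allowed("dbname=webapp dbname='template1'", allow, 1));
}
```

The second sample shows why the parser keeps the last occurrence of a keyword: a check that stopped at the first `dbname` would approve a string whose later `dbname` names a different database.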


