Search Postgresql Archives

Re: access and security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Oct 30, 2006 at 01:34:34PM +0100, Andrew Kelly wrote:
> Hi all,
> 
> please forgive a (likely) less than clever question.
> 
> Are the barriers provided by pg_hba.conf enough from a security
> standpoint, or is it best to put up some iptable rules duplicating the
> restrictions?

iptables covers the entire server, whereas pg_hba.conf cancontrol per
database. Think of it as layers. If you know only two other machines
will ever access this server, you can use iptables to enforce this.
From those two machines, you than use pg_hba.conf to fine-tune the
access controls.

Have a nice day,
-- 
Martijn van Oosterhout   <kleptog@xxxxxxxxx>   http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.

Attachment: signature.asc
Description: Digital signature


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux