Hi, thank you for taking time to review the patch. On Fri, Oct 31, 2008 at 11:12 PM, Heikki Linnakangas <[EMAIL PROTECTED]> wrote: > Fujii Masao wrote: >> >> Attached is a patch for a synchronous log-shipping replication which >> was discussed just a month ago. I would like you to review this patch >> in Nov commit fest. > > Here's some first quick comments: > > AFAICS, there's no security, at all. Anyone that can log in, can become a > WAL sender, and receive all WAL for the whole cluster.
One simple solution is to define the database only for replication. In this solution, we can handle the authentication for replication like the usual database access. That is, pg_hba.conf, the cooperation with a database role, etc are supported also in replication. So, a user can set up the authentication rules easily. ISTM that there is no advantage which separates authentication for replication from the existing mechanism. How about this solution? -- Fujii Masao NIPPON TELEGRAPH AND TELEPHONE CORPORATION NTT Open Source Software Center -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
