On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter <[email protected]> wrote: > Currently people are adding 0.0.0.0 to a default pg_hba.conf file in > order to allow access from nearby machines, without running into the > maintenance problems of hard coding IP addresses. However using 0.0.0.0 > is clearly suboptimal from a security perspective.
If people aren't willing to take the time (5 minutes?) to create an hba.conf file that implements a reasonable security policy, I'm not sure anything we can do - and certainly not this - is going to help very much. I haven't really looked at this patch, but how confident are we that this is actually portable? It would be a shame to spend a lot of time and energy troubleshooting portability problems with a feature that - IMO - has a fairly marginal use case to begin with. ...Robert -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
