Re: pg_hba.conf alternative

From: Tino Wildenhain <tino(at)wildenhain(dot)de>
To: Q Beukes <pgsql-dev(at)list(dot)za(dot)net>
Cc: Postgresql Dev <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: pg_hba.conf alternative
Date: 2006-02-13 08:18:18
Message-ID: 43F040CA.2050209@wildenhain.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Q Beukes schrieb:
> how? is there some kernel patch to completely to enable you to deny
> access to root?
> Tino Wildenhain pointed out SELinux has a feature like that.

I still dont get your problem (apart from that you can always
google for SELinux)

Why arent the other "admins" not trustworthy? And why do you
have many of them? If they only check logs and create users,
why do they have to be admins? They could use carefully
configured sudo as well to fullfill their tasks w/o full
access to the system.

I'd say, grep your problem at the root (literally spoken)

Regards
Tino

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Rick Gigger 2006-02-13 08:34:30 Re: pg_hba.conf alternative
Previous Message Q Beukes 2006-02-13 08:06:51 Re: pg_hba.conf alternative