On Tue, 30 Jul 2002, Bruce Momjian wrote:
> Marc G. Fournier wrote:
> > You seem to have done a nice job with the + and @ for 'maps' ... how about
> > third on that states that the map file has a username:password pair in it?
> >
> > I do like how the pg_hba.conf has changed, just don't like the lose of
> > functionality :(
>
> OK, but the only logic for using it is your duplicate users. There
> would be no other reason someone would use such a feature, right?
Hrmmm ... let's make this simpler ... there was a thread going around
asking why MySQL vs PgSQL, and one of the answers had to do with ISPs ...
from a 'shared host' point of view, what is done for v7.3 makes it very
difficult for an ISP to 'save resources' by running one instance, without
them starting to look like hotmail:
bruce
bruce001
bruce002
bruce003
I'm lucky, I don't do virtual hosting, so I can use host/ip based
restrictions on our databases, with a select few requiring a password ...
but most out there do virtual hosting, which means that all the domains
connecting to the database look like they are coming from the same IP ...
so, I can easily do something like:
host database bruce IP1
host database bruce IP2
and know that client on IP1 can't look at client on IP2s database, even
with the same user ... but in a VH environment, you have:
host database bruce IP1
host database bruce IP1
in the old system, I could make both password based, so that altho both
bruce's were looking to come from the same IP, only the one with the right
password could connect, so Client on IP1's bruce wouldn't be able to look
in Client on IP2's database, since he wouldn't have the required password
to connect ...
> I assume it would be MD5?
I've been using DES, but MD5 would work too ...