am Mon, dem 30.10.2006, um 13:34:34 +0100 mailte Andrew Kelly folgendes:
> Hi all,
>
> please forgive a (likely) less than clever question.
>
> Are the barriers provided by pg_hba.conf enough from a security
> standpoint, or is it best to put up some iptable rules duplicating the
> restrictions?
Of cource, you can define rules for iptables to prevent access to your
database. But consider, this rules obtain for the entire
database-cluster. With pg_hba.conf you can define different permissions
for different databases.
If you need this, than you can't use iptables for this.
Andreas
--
Andreas Kretschmer
Kontakt: Heynitz: 035242/47215, D1: 0160/7141639 (mehr: -> Header)
GnuPG-ID: 0x3FFF606C, privat 0x7F4584DA http://wwwkeys.de.pgp.net