am Mon, dem 30.10.2006, um 13:34:34 +0100 mailte Andrew Kelly folgendes: > Hi all, > > please forgive a (likely) less than clever question. > > Are the barriers provided by pg_hba.conf enough from a security > standpoint, or is it best to put up some iptable rules duplicating the > restrictions?
Of cource, you can define rules for iptables to prevent access to your database. But consider, this rules obtain for the entire database-cluster. With pg_hba.conf you can define different permissions for different databases. If you need this, than you can't use iptables for this. Andreas -- Andreas Kretschmer Kontakt: Heynitz: 035242/47215, D1: 0160/7141639 (mehr: -> Header) GnuPG-ID: 0x3FFF606C, privat 0x7F4584DA http://wwwkeys.de.pgp.net ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
