| From: | Gregory Stark <stark(at)enterprisedb(dot)com> |
|---|---|
| To: | "Robert Treat" <xzilla(at)users(dot)sourceforge(dot)net> |
| Cc: | "Joe Conway" <mail(at)joeconway(dot)com>, "pgsql-patches" <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: dblink connection security |
| Date: | 2007-07-01 18:36:23 |
| Message-ID: | 87abugeztk.fsf@oxford.xeocode.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
"Robert Treat" <xzilla(at)users(dot)sourceforge(dot)net> writes:
>> In particular Postgres's "trust" authentication is one such system. It
>> authenticates connecting users based on the unix userid of the process
>> forming the connection. In typical configurations any user who is granted
>> execute access to dblink can form connections as the "postgres" user which
>> is the database super-user. If "trust" authentication is disabled this is
>> no longer an issue.
>
> Did you mean s/trust/ident/g, otherwise I don't think I understand the
> above... granted the combination of trust for localhost does open a door
> for remote users if they have access to dblink, but I don't think that's what
> you were trying to say.
Er quite right. Moreover it's not even true that ``"if "ident" authentication
is disabled this is no longer an issue''. It's still possible to have other
restrictions in pg_hba which dblink would allow you to circumvent. That
sentence is too generous of a promise.
--
Gregory Stark
EnterpriseDB http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2007-07-01 18:51:59 | Re: dblink connection security |
| Previous Message | Magnus Hagander | 2007-07-01 18:24:32 | Re: dblink connection security |