Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] reduce pg_hba.conf restrictions ...

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: The Hermit Hacker <scrappy(at)hub(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [HACKERS] reduce pg_hba.conf restrictions ...
Date: 2000-02-01 03:43:24
Message-ID: 12632.949376604@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
The Hermit Hacker <scrappy(at)hub(dot)org> writes:
> is there any reason why we can't make the permissions on pg_hba.conf 600
> vs 400?  the data directory itself is only readable by the 'superuser'...

I think the motivation may have been to prevent an attacker who manages
to connect as superuser from overwriting the pg_hba.conf file with
something more liberal (using backend-side COPY).  However, if he's
already managed to connect as superuser, it's difficult to see what
he needs more-liberal connection privileges for.

600 does seem a lot more convenient for the admin.  400 might save
the admin from some simple kinds of human error --- but not if he's
already in the habit of overriding the protection whenever he updates
the file.

In short, I agree.  Does anyone else see any real security gain from
making it 400?

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: Tom LaneDate: 2000-02-01 03:52:37
Subject: Re: [HACKERS] freefuncs.c is never called from anywhere!?
Previous:From: Bruce MomjianDate: 2000-02-01 03:38:02
Subject: Re: [HACKERS] Re: Case-folding bogosity in new psql

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group