Re: Restricting user -> database access.

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "C(dot) Bensend" <benny(at)bennyvision(dot)com>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: Restricting user -> database access.
Date: 2001-08-22 04:14:17
Message-ID: 13993.998453657@sss.pgh.pa.us
Lists: pgsql-admin

"C. Bensend" <benny(at)bennyvision(dot)com> writes:
> local all crypt
> host all 127.0.0.1 255.255.255.255 crypt

> hostssl bobsdb a.b.c.d 255.255.255.255 ident sameuser

> In response to "you have additional pg_hba lines that you're
> not showing us", that's all I have. Honestly.

The above lines say that anyone coming from the local machine (over
either a Unix socket or loopback IP) can get into any database if they
supply a valid Postgres userid and password. Anyone coming from a.b.c.d
(I assume this is *not* your local machine) can get into only bobsdb,
and only if the Postgres userid they specify matches what ident reports
as their Unix userid.

Perhaps you want "sameuser" instead of "all" in the first two lines.

You're correct that psql's \c doesn't re-prompt for the password if the
one originally given is still accepted. Offhand that does not strike me
as a security lapse.

> hostssl balmer a.b.c.d 255.255.255.255 ident sameuser
> hostssl ertz a.b.c.d 255.255.255.255 ident sameuser

> As user 'balmer' from the client machine, I can connect to
> the 'balmer' database. Yay. :) And now, as balmer, I can
> "\c ertz" and connect to the ertz database. Not so good. :(

Sure enough, that's what the config file says is allowed. Try
replacing these two lines with

hostssl sameuser a.b.c.d 255.255.255.255 ident sameuser

which I think is closer to the behavior you are looking for.

regards, tom lane
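To see why the "all"/"balmer"/"ertz" records let balmer into ertz while the "sameuser" rewrite does not, here is a small added Python model of pg_hba.conf first-match evaluation; it is written for this page, not code from the thread or from PostgreSQL itself. It models only the database column and address matching (the ident check is assumed to have already passed), and uses the placeholder 192.0.2.10 where the thread writes a.b.c.d.

```python
import ipaddress
# Constructed pg_hba.conf fragments in the old whitespace-separated format quoted
# in the thread (TYPE DATABASE [IP MASK] AUTH [OPTION]); 192.0.2.10 stands in for a.b.c.d.
CLIENT_IP = "192.0.2.10"
HBA_BEFORE = """
local   all                                  crypt
host    all      127.0.0.1  255.255.255.255 crypt
hostssl balmer   192.0.2.10 255.255.255.255 ident sameuser
hostssl ertz     192.0.2.10 255.255.255.255 ident sameuser
"""
HBA_AFTER = """
local   sameuser                             crypt
host    sameuser 127.0.0.1  255.255.255.255 crypt
hostssl sameuser 192.0.2.10 255.255.255.255 ident sameuser
"""

def parse_hba(text):
    """Parse the fragment into (type, db-field, network-or-None, auth) tuples."""
    rules = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0].startswith("#"):
            continue
        if f[0] == "local":          # Unix socket: no address columns
            rules.append((f[0], f[1], None, f[2]))
        else:                        # host / hostssl: IP and netmask columns
            net = ipaddress.ip_network(f"{f[2]}/{f[3]}", strict=False)
            rules.append((f[0], f[1], net, f[4]))
    return rules

def type_matches(rule_type, conn_type):
    # a "host" record covers plain and SSL TCP connections; "hostssl" only SSL ones
    return rule_type == conn_type or (rule_type == "host" and conn_type == "hostssl")

def db_matches(field, db, user):
    # "all" admits every database, "sameuser" only the one named like the user,
    # anything else is a literal database name
    return field == "all" or (field == "sameuser" and db == user) or field == db

def auth_method(rules, conn_type, db, user, ip=None):
    """pg_hba.conf is first-match: return the auth method of the first record
    that applies, or None when none matches (the connection is refused)."""
    for typ, field, net, auth in rules:
        if not type_matches(typ, conn_type) or not db_matches(field, db, user):
            continue
        if net is not None and ipaddress.ip_address(ip) not in net:
            continue
        return auth
    return None
```

With HBA_BEFORE, balmer connecting over SSL to ertz hits the fourth record and is admitted; with HBA_AFTER no record matches, so the "\c ertz" in the thread is refused.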
