Skip site navigation (1) Skip section navigation (2)

hacker help: PHP-4.2.3 patch to allow restriction of database access

From: Jim Mercer <jim(at)reptiles(dot)org>
To: pgsql-hackers(at)postgresql(dot)org
Subject: hacker help: PHP-4.2.3 patch to allow restriction of database access
Date: 2002-09-27 00:26:51
Message-ID: 20020927002651.GA50244@reptiles.org (view raw or flat)
Thread:
Lists: pgsql-hackers
the following was sent to the php developer's list, and they came back with:

> > Isn't it generally better (where "better" means more secure,
> > efficient, and easily maintained) to handle database access
> > control using PostgreSQL's native access mappings?
>
> I would think so, and IMHO, that's where pgsql access control
> belongs, with pgsql.

as best i can understand, there is no way to get apach/php/pgsql configured
(using "PostgreSQL's native access mappings") that would disallow php code
in one virtual host from connecting to any database on the system.

i understand that on a user level, we can control which tables they have
access to (disregarding that almost all access will be by the "web" user).

can anyone make some valid arguments for/against the patch in php?
or any suggestions on how to do it in pgsql?

----- Forwarded message from Jim Mercer <jim(at)reptiles(dot)org> -----

Date: Thu, 26 Sep 2002 14:54:45 -0400
From: Jim Mercer <jim(at)reptiles(dot)org>
To: pgsql-general(at)postgreSQL(dot)org
Subject: PHP-4.2.3 patch to allow restriction of database access


the patch is at:
ftp://ftp.reptiles.org/pub/php/php-pgsql.patch

this patch adds the config variable pgsql.allowed_dblist

by default it has no value, meaning all databases are accessible

it can contain a colon delimited list of databases that are accessible.

if the database accessed is not in the list, and the list is not null,
then an error is returned as if the database did not exist

this patch is relative to php-4.2.3

this function would be very useful to apache/virtual hosting.

i have tested with the following in my apache httpd.conf:

<Directory /home/www/htdocs/jim>
    php_admin_value pgsql.allowed_dblist    "jim:billing"
</Directory>

although it can be accomplished by other means, setting the variable to a
value of ":" effectively locks the code out of pgsql.

also, a special tag of "-all-" will allow access to all databases.

-- 
[ Jim Mercer        jim(at)reptiles(dot)org         +1 416 410-5633 ]
[          I want to live forever, or die trying.            ]

----- End forwarded message -----

-- 
[ Jim Mercer        jim(at)reptiles(dot)org         +1 416 410-5633 ]
[          I want to live forever, or die trying.            ]

Responses

pgsql-hackers by date

Next:From: Magnus Naeslund(f)Date: 2002-09-27 00:47:52
Subject: [ANNOUNCE] PQNotify java listen / notify hack
Previous:From: Joe ConwayDate: 2002-09-26 23:32:08
Subject: Re: About connectby() again

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group