Re: Disable executing external commands from psql?

Ken,

* Ken Tanzer (ken(dot)tanzer(at)gmail(dot)com) wrote:
> Hi. I'm wondering if it is possible to disable use of \! to execute
> commands in psql? I see this has come up on the list before
> (http://archives.postgresql.org/pgsql-admin/2007-07/msg00242.php), but I
> don't see anyone saying whether it is possible or not, just that it's a
> bad or useless idea.

It'd be difficult to close all the holes and would result in seriously
reduced functionality to your users.

> It may or may not be a bad idea (e.g., carry some risk). My scenario is
> that I'd like to give people that I don't necessarily know (or therefore
> trust) the ability to run psql for a database I've already set up for
> them. I set their login shell to psql, so they can simply ssh in, and
> they are in psql. From there, though, they can do a simple \!
> /bin/bash, and they've got way more access than I want them to.

You can port-forward the database port through SSH (so you'd only expose
port 22 to the internet) and then have the clients run psql on their
system. That would let them use things like \copy, which is extremely
useful.

> So is there any way to disable the "\!" stuff? If there's a better way
> to go about this, I suppose I'm all ears too!

Yes, listen to the suggestions made by myself and others.. Disabling \!
wouldn't be enough and the more you hack on psql to disable things to
become a 'secure' database shell, the more annoyed and frustrated your
users will end up being.

Have you considered something like linux containers or vservers instead?

Thanks,

Stephen