From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Andres Freund <andres(at)anarazel(dot)de>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Magnus Hagander <magnus(at)hagander(dot)net>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Information of pg_stat_ssl visible to all users |
Date: | 2015-08-29 20:27:12 |
Message-ID: | 20150829202712.GD28360@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Jul 7, 2015 at 12:57:58PM -0400, Tom Lane wrote:
> Andres Freund <andres(at)anarazel(dot)de> writes:
> > On 2015-07-07 12:03:36 -0400, Peter Eisentraut wrote:
> >> I think the DN is analogous to the remote user name, which we don't
> >> expose for any of the other authentication methods.
>
> > Huh?
>
> Peter's exactly right: there is no other case where you can tell what
> some other connection's actual OS username is. You might *guess* that
> it's the same as their database username, but you don't know that,
> assuming you don't know how they authenticated.
>
> I'm not sure how security-critical this info really is, though.
I know I am coming in late here, but I know Heroku uses random user
names to allow a cluster to have per-user databases without showing
external user name details:
=> \du
List of roles
Role name | Attributes | Member of
----------------+------------------------------------------------+-----------
aafgrwewediiqz | 20 connections | {}
aaszwkfnholarh | 20 connections | {}
aatbelxbaeriwy | 20 connections | {}
aaxiwolkcxmbxo | 20 connections | {}
abbyljzgqaonjb | 20 connections | {}
I can see them having problems with a user being able to see the SSL
remote user names of all connected users.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +
From | Date | Subject | |
---|---|---|---|
Next Message | Jim Nasby | 2015-08-29 20:27:15 | Re: buffer README is out of date |
Previous Message | Tom Lane | 2015-08-29 20:27:10 | Re: to_json(NULL) should to return JSON null instead NULL |