Skip site navigation (1) Skip section navigation (2)

Re: Security choices...

From: Philip Warner <pjw(at)rhyme(dot)com(dot)au>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Security choices...
Date: 2000-07-28 16:39:21
Message-ID: 3.0.5.32.20000729023921.02700210@mail.rhyme.com.au (view raw or flat)
Thread:
Lists: pgsql-hackers
At 12:25 28/07/00 -0400, Tom Lane wrote:
>Philip Warner <pjw(at)rhyme(dot)com(dot)au> writes:
>> Is there any reason that a security model does not exist for psql that
>> allows Unix user 'fred' to log in as PG user 'fred' with no password etc,
>> but any user trying to log on as someone other than themselves has to
>> provide a password?
>
>Define "log in as themselves" --- in particular, how will you check?

I was thinking (in a very blinkered way) of client processes on the same
machine as the postmaster. Admitedly, I had not considered network access etc.

Even in this limited form, it does not seem too bad; is there a way the
postmaster can tell (a) the client is on the same machine, and (b) what the
process username is?


----------------------------------------------------------------
Philip Warner                    |     __---_____
Albatross Consulting Pty. Ltd.   |----/       -  \
(A.C.N. 008 659 498)             |          /(@)   ______---_
Tel: (+61) 0500 83 82 81         |                 _________  \
Fax: (+61) 0500 83 82 82         |                 ___________ |
Http://www.rhyme.com.au          |                /           \|
                                 |    --________--
PGP key available upon request,  |  /
and from pgp5.ai.mit.edu:11371   |/

In response to

Responses

pgsql-hackers by date

Next:From: Philip WarnerDate: 2000-07-28 16:52:57
Subject: Re: pg_dump & performance degradation
Previous:From: Tom LaneDate: 2000-07-28 16:25:18
Subject: Re: Security choices...

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group