Skip site navigation (1) Skip section navigation (2)

Re: psql and security

From: "Zeugswetter Andreas SB SD" <ZeugswetterA(at)spardat(dot)at>
To: "Peter Eisentraut" <peter_e(at)gmx(dot)net>, "Tatsuo Ishii" <t-ishii(at)sra(dot)co(dot)jp>
Cc: <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: psql and security
Date: 2001-09-21 14:21:31
Message-ID: 46C15C39FEB2C44BA555E356FBCD6FA421273E@m0114.s-mxs.net (view raw or flat)
Thread:
Lists: pgsql-hackers
> > As you can see, psql reconnect as any user if the password is same
as
> > foo. Of course this is due to the careless password setting, but I
> > think it's better to prompt ANY TIME the user tries to switch to
> > another user.
> 
> I'm not sure.  A few users have voiced concerns about this before, but
we
> have no count of the users that might enjoy this convenience. ;-)
> 
> Basically, the attack scenario here is that if you have a psql running
and
> leave your terminal, someone else can come in and get access to any
other
> database that you might have access to, without knowing your password.
> But given a running psql, figuring out the password isn't so hard
(running
> a debugger or inducing a core dump would be likely options), and
> concluding that this password is valid for all databases is trivial
since
> that's the default setup.

This feature was added to conveniently let an already connected user
switch to another database. Imho you could distinguish the exact case at
hand,
where a new user was specified and prompt for a new password.

Andreas

pgsql-hackers by date

Next:From: Marc G. FournierDate: 2001-09-21 14:21:55
Subject: Re: cvsup trouble
Previous:From: Thomas LockhartDate: 2001-09-21 13:26:36
Subject: Re: cvsup trouble

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group