Re: Bugtraq: Having Fun With PostgreSQL

On Tue, 26 Jun 2007, Andrew Dunstan wrote:

> Jeremy Drake wrote:
>
> > 2. If you cannot tell what process is connecting on a local socket (which
> > I suspect you cannot portably),
>
>
> See ident_unix() in hba.c.
>
> It might not be 100% portable but I think it's fairly close for platforms
> that actually have unix sockets.

It looks to me (looking at docs on the various functions used there) that
only Linux supports getting the PID of the connecting process. The other
various *BSD methods tend only to give the uid and gid, which will not be
helpful if the connection is coming from another backend in the same
cluster.

In the linux case, it looks like one would need to get the client pid, try
to get the PGPROC entry for it, if it exists get the roleid out of that
and allow connections as that role.

For any other case, some sort of painful protocol hack would be in order.
The best way I can see is to see if the client process is owned by the
same user as the database cluster, and if so send an auth request (like
the SCM_CRED one), which would be responded to with the pid and a random
sequence stored in the PGPROC entry. The server then proves the backend
really is the one it claims to be by looking up the PID's PGPROC entry,
and making sure the token matches.

This is all just thinking out loud, of course... I have no plans to
implement this in the short-term, but it may be an interesting project in
the future.

--
I like to believe that people in the long run are going to do more to
promote peace than our governments. Indeed, I think that people want
peace so much that one of these days governments had better get out of
the way and let them have it.
-- Dwight D. Eisenhower