Re: drupal.org MySQL database issues

From: "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>
To: "Gavin M(dot) Roy" <gmr(at)ehpg(dot)net>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, Andrew Sullivan <ajs(at)crankycanuck(dot)ca>, pgsql-advocacy(at)postgresql(dot)org
Subject: Re: drupal.org MySQL database issues
Date: 2007-05-17 22:05:45
Message-ID: 464CD1B9.20406@commandprompt.com
Lists: pgsql-advocacy

Gavin M. Roy wrote:
> There is something to be said though with the security of not allowing
> the daemon to alter pg_hba.conf.

You make it so only a superuser can insert into the table (it would be a
pg_ table). Further, only a superuser could call the pg_reload function
that we already allow.

> What I think would work is a two step
> auth process that uses a pg_hba table then falls back to pg_hba.conf if
> there is no match. This keeps the complete security of preventing
> compromised database from altering the text file.
>
> Thoughts?
>

Well consider this :). If they can alter the pg_hba.conf file, it
doesn't matter what happens next (or before for that matter).

Joshua D. Drake

> Gavin
>
> On 5/17/07, Joshua D. Drake <jd(at)commandprompt(dot)com> wrote:
>
> Magnus Hagander wrote:
> > Gavin M. Roy wrote:
> >> I think for one, mysql uses tables for all of its access control.
> >> Coding plesk/cpanel to modify pg_hba.conf and rehup postgres would take
> >> a bit more work, I would imagine.
> >
> > In a lot of environments, it'd certainly be impossible, at least until
> > we make it possible to edit the config files remote... (oops, recap of
> > endless amounts of discussions on letting pgadmin do that..)
>
> Well more to the point. There really is zero reason why we can't have a
> table representation of pg_hba_conf that is the pg_hba.conf file that
> has triggers that write out the file.
>
>
> >
> >> Do we really want to pursue making PostgreSQL easier to admin for the
> >> non-system admin? Cpanel and plesk and like tools are pretty far down
> >> the list of important things to support or code for.
> >
> > If we want to make inroads into shared-hosting environments, it would
> > certainly help...
>
> It is not just shared hosting... dedicated hosting starts as little as
> 69.00 with Cpanel :)...
>
> Note that I am not advocating making it easier for Cpanel. I am just
> making a point that it is not limited to shared hosting.
>
> I am however advocating that it is pretty dumb that our conf files are
> *required* as a little text file on the filesystem and can not be
> managed via the database.
>
> Joshua D. Drake
>
>
>
> >
> > //Magnus
> >
> >
>
>
> --
>
> === The PostgreSQL Company: Command Prompt, Inc. ===
> Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240
> Providing the most comprehensive PostgreSQL solutions since 1997
> http://www.commandprompt.com/
>
> Donate to the PostgreSQL Project: http://www.postgresql.org/about/donate
> PostgreSQL Replication: http://www.commandprompt.com/products/
>
>

--

=== The PostgreSQL Company: Command Prompt, Inc. ===
Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240
Providing the most comprehensive PostgreSQL solutions since 1997
http://www.commandprompt.com/

Donate to the PostgreSQL Project: http://www.postgresql.org/about/donate
PostgreSQL Replication: http://www.commandprompt.com/products/
