From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
---|---|
To: | Simon Riggs <simon(at)2ndquadrant(dot)com>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Enabling replication connections by default in pg_hba.conf |
Date: | 2017-02-02 18:48:28 |
Message-ID: | 47521646-2604-356a-997b-c9758033b121@2ndquadrant.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2/2/17 8:32 AM, Simon Riggs wrote:
> I think we should remove the "replication" false database concept in
> pg_hba.conf altogether and allow any valid pg_hba rule to invoke a
> replication connection, if one is requested. Roles would still need
> the REPLICATION capability before this would be allowed. Having both
> of those things doesn't materially improve security control.
It's weirdly inconsistent now. You need a "replication" line in
pg_hba.conf to connect for logical decoding, but you can't restrict that
to a specific database because the database column in pg_hba.conf is
occupied by the "replication" key word.
However, you would still want a way to configure a user for logical
decoding for any database but no physical replication, or vice versa.
Just getting rid of the replication key word would prevent that, I think.
> It would also be useful to be able prevent users with REPLICATION
> capability from connecting as normal users, if the are marked as
> NOLOGIN.
That sounds useful.
(Superusers not have the replication attribute by default is an
additional possible annoyance.)
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2017-02-02 18:55:38 | Re: Provide list of subscriptions and publications in psql's completion |
Previous Message | Nico Williams | 2017-02-02 17:50:24 | Re: PoC: Make it possible to disallow WHERE-less UPDATE and DELETE |