From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
---|---|
To: | Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Volker Aßmann <volker(dot)assmann(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Disabling trust/ident authentication configure option |
Date: | 2015-05-06 22:41:34 |
Message-ID: | 554A989E.9070503@iki.fi |
Lists: | pgsql-hackers |
On 05/07/2015 01:32 AM, Jim Nasby wrote:
> On 5/6/15 12:56 PM, Peter Eisentraut wrote:
>>> I think this is a sufficiently general requirement to warrant including
>>> an option to disable this, as most hardening guides I have seen for
>>> PostgreSQL unconditionally require to disable trust authentication and
>>> disabling it in the code removes the need to check this in the runtime
>>> configuration.
>> I think people would be interested in well-thought out, generalized
>> hardening facilities. But that would likely include other things than
>> just disabling an authentication method or two. And we can't be adding
>> a new compile-time option as we add each one. We need a more general
>> approach.
>
> Yeah. I think one of the big use cases here is that many environments
> are OK with at least ident (if not trust) but only from the local
> machine. So you'd probably want to handle that somehow.
That's called 'peer', since 9.1.
- Heikki
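
An added example, not part of the original message: a small Python audit of `pg_hba.conf` text that performs the runtime-configuration check discussed in this thread, flagging `trust` everywhere and separating `ident` on `local` lines (which PostgreSQL handles as `peer`) from `ident` on TCP lines. The FAIL/REVIEW/NOTE policy, the name `audit_hba` and the sample file are assumptions made for illustration.

```python
import ipaddress
import shlex

HOST_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}

# Constructed sample, not taken from any real server.
SAMPLE = """\
# TYPE  DATABASE  USER      ADDRESS              METHOD
local   all       postgres                       peer
local   all       all                            ident
host    all       all       127.0.0.1/32         trust
host    all       all       10.0.0.0 255.0.0.0   ident
hostssl all       all       0.0.0.0/0            scram-sha-256
"""

def _is_ip(s):
    try:
        ipaddress.ip_address(s)
        return True
    except ValueError:
        return False

def audit_hba(text):
    """Return (line_no, conn_type, method, verdict) for trust/ident records."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        # Drops '#' comments and honours "quoted" fields; continuation
        # lines and include directives are not followed.
        fields = shlex.split(raw, comments=True)
        if not fields:
            continue
        ctype = fields[0]
        if ctype == "local":
            idx = 3        # local DATABASE USER METHOD
        elif ctype in HOST_TYPES:
            # host DATABASE USER ADDRESS METHOD, or ... IP NETMASK METHOD
            idx = 5 if len(fields) > 5 and _is_ip(fields[4]) else 4
        else:
            continue       # not a connection record
        if len(fields) <= idx:
            continue       # malformed record, not judged here
        method = fields[idx]
        if method == "trust":
            findings.append((no, ctype, method, "FAIL"))    # no authentication at all
        elif method == "ident" and ctype == "local":
            findings.append((no, ctype, method, "NOTE"))    # server uses peer instead
        elif method == "ident":
            findings.append((no, ctype, method, "REVIEW"))  # depends on client's ident server
    return findings
```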