| From: | Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com> |
|---|---|
| To: | Josh Berkus <josh(at)agliodbs(dot)com>, Volker Aßmann <volker(dot)assmann(at)gmail(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Disabling trust/ident authentication configure option |
| Date: | 2015-05-18 15:36:13 |
| Message-ID: | 555A06ED.3040609@BlueTreble.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 5/17/15 10:58 PM, Josh Berkus wrote:
> The goal here was stated to preventing authentication misconfiguration
> by shortsighted admins who have superuser access and the ability to
> change pg_hba.conf. This is tantamount to giving someone a gun and
> bullets, but expecting duct tape across the cartridge slot to prevent
> them from loading or using the gun.
The idea is to prevent *accidental* misconfiguration, not to try and
permanently lock them out. IE: make them think before allowing them to
just do something silly. Disabling auth methods at compile time seems a
very reasonable way to accomplish that.
--
Jim Nasby, Data Architect, Blue Treble Consulting
Data in Trouble? Get it in Treble! http://BlueTreble.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim Nasby | 2015-05-18 15:38:14 | Re: 9.5 open items |
| Previous Message | Alexander Korotkov | 2015-05-18 15:07:50 | Re: WIP: Enhanced ALTER OPERATOR |