From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
---|---|
To: | Jim Nasby <Jim(dot)Nasby(at)bluetreble(dot)com> |
Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Marko Tiikkaja <marko(at)joh(dot)to>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, José Luis Tallón <jltallon(at)adv-solutions(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Craig Ringer <craig(at)2ndquadrant(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net> |
Subject: | Re: RFC: Non-user-resettable SET SESSION AUTHORISATION |
Date: | 2015-05-21 02:38:17 |
Message-ID: | CA+TgmobCJXu2h-gi_P4yaL7SZLQfvDWp68o5Q0Rndj=S7SG--A@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Wed, May 20, 2015 at 8:22 PM, Jim Nasby <Jim(dot)Nasby(at)bluetreble(dot)com> wrote:
>> It might be a good idea to do something like this, but it's
>> significantly more complicated than a protocol-level SET SESSION
>> AUTHORIZATION. Right now, you can never go backwards from an
>> authenticated state to an unauthenticated state, and there may be code
>> in the backend that relies on that in subtle ways. The initial
>> bootstrap sequence is pretty complicated, and I'm pretty sure that any
>> naive attempt to redo that stuff is going to have unpleasant, probably
>> security-relevant bugs.
>
> What about the middle-ground of not doing de-auth right now? That eliminates
> your concerns but still allows getting rid of ugly things like copies of the
> password file (FWIW, my understanding is pgBouncer was meant more to run on
> the database server where you'd just point it at the native password file).
Uh, I don't have a clue what you mean when you say "the middle ground
of not doing de-auth right now".
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Geoghegan | 2015-05-21 02:42:58 | Re: Re: [COMMITTERS] pgsql: Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE. |
Previous Message | Robert Haas | 2015-05-21 02:36:05 | Re: Disabling trust/ident authentication configure option |