| From: | Jacob Champion <jchampion(at)timescale(dot)com> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, Shaun Thomas <shaun(dot)thomas(at)enterprisedb(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue |
| Date: | 2023-08-21 23:44:33 |
| Message-ID: | CAAWbhmhQFjhSW8Um+KbQ2YEV6viUiJ1uuKyUjSG4p4+deKcgEQ@mail.gmail.com |
| Lists: | pgsql-hackers |

On Mon, Aug 21, 2023 at 4:22 PM Michael Paquier <michael(at)paquier(dot)xyz> wrote:
> There are additionally two more comments in the SSL tests that could
> be removed, I guess. Here's a v4, with Robert's latest suggestion
> added.

LGTM.

> I am not sure that we need to change this historic term, TBH. Perhaps
> it would be shorter to just rip off the trust method from the tree
> with a deprecation period but that's not something I'm much in favor
> of either (I use it daily for my own stuff, as one example).
> Another, more conservative approach may be to make it a developer-only
> option and discourage more its use in the docs.

I don't think we should get rid of anonymous connections; there are
ways to securely authorize a client connection without ever
authenticating the entity at the other end. I'd just like the server
to call them what they are, because I think the distinction is
valuable for DBAs who are closely watching their systems.

--Jacob