From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
---|---|
To: | Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> |
Cc: | PG-General Mailing List <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Limiting DB access by role after initial connection? |
Date: | 2017-06-10 00:38:43 |
Message-ID: | 20170610003843.GA10159@wolff.to |
Lists: | pgsql-general |
On Thu, Jun 08, 2017 at 22:37:34 -0700,
Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> wrote:
>
>My approach was to have the initial connection made by the owner, and then
>after successfully authenticating the user, to switch to the role of the
>site they belong to. After investigation, this still seems feasible but
>imperfect. Specifically, I thought it would be possible to configure such
>that after changing to a more restricted role, it would not be possible to
>change back. But after seeing this thread (
How are you keeping the credentials of the owner from being compromised? It
seems if you are worried about role changing, adversaries will likely also
be in a position to steal the owner's credentials or hijack the connection
before privileges are dropped.
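The role switch Ken describes, shown as an added example that is not part of this thread. It demonstrates why SET ROLE is not a one-way door: the session user stays the owner, so RESET ROLE (or SET ROLE to any other role the owner belongs to) undoes the restriction for anyone who can run SQL on that connection. The role and table names (app_owner, site_a, site_b, site_a_login, site_a_data, site_b_data) and the passwords are assumptions for illustration; the setup part is meant to be run as a superuser or a role with CREATEROLE.

```sql
-- Added example, not from the thread. All names below are assumed for illustration.

-- Setup (run as a superuser or CREATEROLE role): one owner login role and two
-- per-site roles; the owner is a member of both, which is what lets it SET ROLE.
CREATE ROLE app_owner LOGIN PASSWORD 'change-me';
CREATE ROLE site_a NOLOGIN;
CREATE ROLE site_b NOLOGIN;
GRANT site_a TO app_owner;
GRANT site_b TO app_owner;

CREATE TABLE site_a_data (payload text);
CREATE TABLE site_b_data (payload text);
INSERT INTO site_a_data VALUES ('site a record');
INSERT INTO site_b_data VALUES ('site b record');
GRANT SELECT ON site_a_data TO site_a;
GRANT SELECT ON site_b_data TO site_b;

-- Session opened by the application as the owner (psql -U app_owner ...):
SELECT session_user, current_user;   -- app_owner | app_owner

-- The "drop privileges" step after authenticating a site-a user:
SET ROLE site_a;
SELECT session_user, current_user;   -- app_owner | site_a
SELECT * FROM site_a_data;           -- allowed
SELECT * FROM site_b_data;           -- ERROR: permission denied for table site_b_data

-- ...but session_user has not changed, so the restriction is reversible by
-- anything that can issue SQL on this connection (injection, hijacked socket):
RESET ROLE;                          -- succeeds: back to app_owner
SET ROLE site_b;                     -- succeeds: app_owner is a member of site_b
SELECT * FROM site_b_data;           -- allowed again

-- Check, from inside a session, whether such a switch is possible at all:
SELECT pg_has_role(session_user, 'site_b', 'MEMBER');   -- true

-- Caveat: since PostgreSQL 16, GRANT site_b TO app_owner WITH SET FALSE blocks
-- SET ROLE site_b, but RESET ROLE still returns to app_owner, so it is not a fix.

-- Alternative: a login role per site, and the application connects as it directly.
CREATE ROLE site_a_login LOGIN PASSWORD 'change-me' IN ROLE site_a;
-- In a session opened as site_a_login (psql -U site_a_login ...):
--   SELECT session_user, current_user;  -- site_a_login | site_a_login
--   SET ROLE site_b;                    -- ERROR: permission denied to set role "site_b"
--   SELECT * FROM site_b_data;          -- ERROR: permission denied for table site_b_data
-- RESET ROLE can only return to session_user, and SET SESSION AUTHORIZATION
-- requires that the session was authenticated as a superuser, so there is no
-- owner identity left on the connection to regain.
```

The point Bruno makes still applies to the alternative: whichever role the application authenticates as, its credentials are in the application's memory or configuration, and a compromise there yields that role regardless of what SET ROLE did afterwards. Per-site login roles only shrink what a hijacked connection can reach; they do not protect the credentials themselves.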