| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> |
| Cc: | PG-General Mailing List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Limiting DB access by role after initial connection? |
| Date: | 2017-06-10 00:38:43 |
| Message-ID: | 20170610003843.GA10159@wolff.to |
| Lists: | pgsql-general |
On Thu, Jun 08, 2017 at 22:37:34 -0700,
Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> wrote:
>
>My approach was to have the initial connection made by the owner, and then
>after successfully authenticating the user, to switch to the role of the
>site they belong to. After investigation, this still seems feasible but
>imperfect. Specifically, I thought it would be possible to configure such
>that after changing to a more restricted role, it would not be possible to
>change back. But after seeing this thread (
How are you keeping the credentials of the owner from being compromised? It
seems if you are worried about role changing, adversaries will likely also
be in a position to steal the owner's credentials or hijack the connection
before privileges are dropped.
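As an added illustration of the role switch under discussion (example SQL written for this page, not code from the thread; the role and table names app_owner, site_a, site_b, site_a_clients and site_b_clients are made up), the following shows why SET ROLE on an owner connection is not a one-way privilege drop: anything that can still issue SQL on that connection can RESET ROLE or SET ROLE to a different site. The setup statements are meant to be run once as a superuser; the session part as app_owner.

```sql
-- One-time setup (run as a superuser). All names are assumptions for this example.
CREATE ROLE app_owner LOGIN PASSWORD 'example-only';
CREATE ROLE site_a NOLOGIN;
CREATE ROLE site_b NOLOGIN;
-- Membership is what allows app_owner to SET ROLE to either site.
GRANT site_a, site_b TO app_owner;

CREATE TABLE site_a_clients (id int PRIMARY KEY, name text);
CREATE TABLE site_b_clients (id int PRIMARY KEY, name text);
ALTER TABLE site_a_clients OWNER TO site_a;
ALTER TABLE site_b_clients OWNER TO site_b;
-- Deliberately no cross-grants: site_a has no privilege on site_b_clients.
INSERT INTO site_a_clients VALUES (1, 'constructed sample row, site A');
INSERT INTO site_b_clients VALUES (1, 'constructed sample row, site B');

-- In a session opened as app_owner, after the application has authenticated
-- a user and decided they belong to site A:
SET ROLE site_a;
SELECT current_user, session_user;   -- site_a | app_owner
SELECT * FROM site_a_clients;        -- allowed
SELECT * FROM site_b_clients;        -- ERROR: permission denied for table site_b_clients

-- The "drop" is reversible from inside the same connection, which is the
-- imperfection the thread is about (session_user is still app_owner):
RESET ROLE;
SELECT current_user;                 -- app_owner
SET ROLE site_b;
SELECT * FROM site_b_clients;        -- allowed again

-- Contrast: a connection opened directly as a login role for site A has
-- nothing to reset back to; there is no owner identity on the wire.
-- (ALTER ROLE site_a LOGIN; then connect as site_a instead of app_owner.)
```

The contrast at the end is the point of the reply above: the only state that cannot be undone by SQL on the connection is the identity the connection was authenticated with, so a restricted-role login or a separate pool per site removes the "change back" problem, at the cost of managing per-site credentials.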