| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com> |
| Cc: | sthomas(at)optionshouse(dot)com, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: .pgpass and root: a problem |
| Date: | 2013-02-05 18:53:02 |
| Message-ID: | 5111550E.70306@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 02/05/2013 10:44 AM, Scott Marlowe wrote:
>
> On Tue, Feb 5, 2013 at 10:15 AM, Shaun Thomas <sthomas(at)optionshouse(dot)com> wrote:
>> Hey folks,
>>
>> We're wanting to implement a more secure password policy, and so have
>> considered switching to LDAP/Active Directory for passwords. Normally, this
>> would be fine, but for two things:
>>
>> 1. Tons of our devs use .pgpass files to connect everywhere.
>> 2. Several devs have root access to various environments.
>
> Stop. If you want secure setups you don't hand out root access to
> lots of people. Trying to then make it secure is like closing the
> barn door after the horse has left.
I think this is a naive response Scott although I must admit it was my
gut reaction as well. The reality is we shouldn't store a plain text
password. At a minimum it should be hashed. That part of the problem is
really on us, regardless if it is a bad idea to hand out root.
Now it is true that if they can't trust their devs with this problem,
those devs shouldn't have root but that is a business policy problem
whereas ours is an actual security issue.
Sincerely,
Joshua D. Drake
--
Command Prompt, Inc. - http://www.commandprompt.com/
PostgreSQL Support, Training, Professional Services and Development
High Availability, Oracle Conversion, Postgres-XC
@cmdpromptinc - 509-416-6579
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Scott Mead | 2013-02-05 18:57:02 | Re: .pgpass and root: a problem |
| Previous Message | Scott Marlowe | 2013-02-05 18:44:54 | Re: .pgpass and root: a problem |