Re: .pgpass and root: a problem

From: "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>
To: Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>
Cc: sthomas(at)optionshouse(dot)com, PostgreSQL General <pgsql-general(at)postgresql(dot)org>
Subject: Re: .pgpass and root: a problem
Date: 2013-02-05 18:53:02
Message-ID: 5111550E.70306@commandprompt.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general


On 02/05/2013 10:44 AM, Scott Marlowe wrote:
>
> On Tue, Feb 5, 2013 at 10:15 AM, Shaun Thomas <sthomas(at)optionshouse(dot)com> wrote:
>> Hey folks,
>>
>> We're wanting to implement a more secure password policy, and so have
>> considered switching to LDAP/Active Directory for passwords. Normally, this
>> would be fine, but for two things:
>>
>> 1. Tons of our devs use .pgpass files to connect everywhere.
>> 2. Several devs have root access to various environments.
>
> Stop. If you want secure setups you don't hand out root access to
> lots of people. Trying to then make it secure is like closing the
> barn door after the horse has left.

I think this is a naive response Scott although I must admit it was my
gut reaction as well. The reality is we shouldn't store a plain text
password. At a minimum it should be hashed. That part of the problem is
really on us, regardless if it is a bad idea to hand out root.

Now it is true that if they can't trust their devs with this problem,
those devs shouldn't have root but that is a business policy problem
whereas ours is an actual security issue.

Sincerely,

Joshua D. Drake

--
Command Prompt, Inc. - http://www.commandprompt.com/
PostgreSQL Support, Training, Professional Services and Development
High Availability, Oracle Conversion, Postgres-XC
@cmdpromptinc - 509-416-6579

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Scott Mead 2013-02-05 18:57:02 Re: .pgpass and root: a problem
Previous Message Scott Marlowe 2013-02-05 18:44:54 Re: .pgpass and root: a problem