Re: Disabling trust/ident authentication configure option

From: Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>, Volker Aßmann <volker(dot)assmann(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Disabling trust/ident authentication configure option
Date: 2015-05-06 22:32:44
Message-ID: 554A968C.9030309@BlueTreble.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 5/6/15 12:56 PM, Peter Eisentraut wrote:
>> I think this is a sufficiently general requirement to warrant including
>> >an option to disable this, as most hardening guides I have seen for
>> >PostgreSQL unconditionally require to disable trust authentication and
>> >disabling it in the code removes the need to check this in the runtime
>> >configuration.
> I think people would be interested in well-thought out, generalized
> hardening facilities. But that would likely include other things than
> just disabling an authentication method or two. And we can't be adding
> a new compile-time option as we add each one. We need a more general
> approach.

Yeah. I think one of the big use cases here is that many environments
are OK with at least ident (if not trust) but only from the local
machine. So you'd probably want to handle that somehow.
--
Jim Nasby, Data Architect, Blue Treble Consulting
Data in Trouble? Get it in Treble! http://BlueTreble.com

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Josh Berkus 2015-05-06 22:41:28 Re: Disabling trust/ident authentication configure option
Previous Message Tom Lane 2015-05-06 21:59:55 Re: BRIN range operator class