| From: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
|---|---|
| To: | "CS DBA *EXTERN*" <cs_dba(at)consistentstate(dot)com>, pgsql-admin <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: Password Security |
| Date: | 2014-02-05 08:36:54 |
| Message-ID: | A737B7A37273E048B164557ADEF4A58B17CA331B@ntex2010i.host.magwien.gv.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
CS DBA wrote:
> We have an application running via a utility that want's clear text
> passwords stored in it's config files. I know we can setup ident mapping
> but the app doesn't play nice with password prompt requests. We could
> set it's connections to trust but it kinda defeats the purpose security
> wise.
>
> Any thoughts on best/common practices per connecting to postgres
> securely without an interactive password prompt
I personally think that having a clear text password stored on the
application server is hardly more secure than allowing trust
authentication for this host.
Essentially you are facing the following conundrum:
A program on a computer should be able to login without human interaction,
but nothing else should.
As far as I know, there is no good solution for this problem.
You can try to hide or obfuscate the password (or other authentication
tokens), but that won't keep a dedicated person logged into the
computer from finding and abusing it.
My opinion is that your best bet is to prevent access to the
computer as much as possible, but not to care too much about how
the computer authenticates with the database.
Yours,
Laurenz Albe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | sharon | 2014-02-05 09:38:43 | Re: Admin user issue: unable to login after changing password |
| Previous Message | Joel Hedden | 2014-02-05 05:44:23 | 9.3.2 on Mac OS X: WAL Sender never exits on SIGUSR2 when pg_receivexlog is connected |