Re: [pgAdmin4][Patch]: Allow user to provide custom SSL certificates and provide .pgpass file

From: Dave Page <dpage(at)pgadmin(dot)org>
To: Murtuza Zabuawala <murtuza(dot)zabuawala(at)enterprisedb(dot)com>
Cc: pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>, Ashesh Vashi <ashesh(dot)vashi(at)enterprisedb(dot)com>
Subject: Re: [pgAdmin4][Patch]: Allow user to provide custom SSL certificates and provide .pgpass file
Date: 2017-08-30 08:53:26
Message-ID: CA+OCxow03D9dE8AZQ76_s1kU00mgVH-K2_25NtmXSrWw80eUOA@mail.gmail.com
Lists: pgadmin-hackers

Hi

On Wed, Aug 30, 2017 at 6:49 AM, Murtuza Zabuawala <
murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:

> Hi Dave,
>
> PFA updated patch with new screenshots and docs accordingly.
>
> RM#2649 & RM#2650
>
> On Tue, Aug 29, 2017 at 7:51 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>
>> Hi
>>
>> On Fri, Aug 25, 2017 at 2:45 PM, Murtuza Zabuawala <
>> murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
>>
>>> Hi Dave,
>>>
>>> Please find updated patch,
>>> - For displaying hidden files I have added preference option in Storage
>>> section.
>>>
>>
>> How painful would it be to include it on the file dialogue as well?
>>
> Done
>
>
>>
>>
>>> - Updated Docs & Screenshots.
>>> - User can use 'prefer' option to enable SSL options.
>>>
>>
>> Cool.
>>
>> A couple of other things I realised in playing with this:
>>
>> 1) The SSL tab should come before Advanced I think.
>>
> Done
>
>
>>
>> 2) The docs now mention the default SSL files. In server mode, using
>> defaults is probably a bad idea I suspect (because they would be shared).
>> Should we force the values to /dev/null (and whatever is appropriate on
>> Windows) if running in server mode? Users can always override that with
>> something from their storage area.
>>
>> Thoughts?
>>
> In my opinion we should not force users to provide certificates, we can
> let them decide how they want to configure it.
>

It's not about forcing them to provide them, it's about preventing them
from using defaults which may be owned by the user that the app runs as on
a server, but that should not be (unless explicitly allowed by the
sysadmin) accessible to every pgAdmin user.

Thoughts from others? Ashesh?

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
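
The server-mode concern discussed in this message, sketched as an added example (not code from the patch or from pgAdmin): unset libpq SSL file parameters are pinned to the null device so the service account's default files are never used, and user-supplied paths must stay inside that user's storage area. The function name `resolve_ssl_files` and the storage directory layout are hypothetical.

```python
import os
from pathlib import Path

# libpq connection parameters that fall back to files under the home
# directory of the OS account running the client when left unset.
SSL_FILE_PARAMS = ("sslcert", "sslkey", "sslrootcert", "sslcrl")


def resolve_ssl_files(requested, storage_dir, server_mode):
    """Return the SSL file parameters to pass to libpq for one user.

    requested   -- dict of parameter name -> path chosen by the user
    storage_dir -- that user's private storage area (hypothetical layout)
    server_mode -- True when many users share one application account
    """
    storage = Path(storage_dir).resolve()
    resolved = {}
    for param in SSL_FILE_PARAMS:
        value = requested.get(param)
        if not value:
            # Desktop mode: leave unset so libpq uses the user's own defaults.
            # Server mode: pin to the null device ("/dev/null" or "nul") so
            # the shared account's default files are never picked up.
            if server_mode:
                resolved[param] = os.devnull
            continue
        if not server_mode:
            resolved[param] = str(Path(value))
            continue
        # Server mode: interpret the path relative to the storage area and
        # reject absolute paths or ../ sequences that escape it.
        candidate = (storage / value).resolve()
        if storage not in candidate.parents:
            raise ValueError(f"{param}: path is outside the user's storage area")
        resolved[param] = str(candidate)
    return resolved


if __name__ == "__main__":
    import tempfile
    area = tempfile.mkdtemp()  # constructed stand-in for a user's storage area
    print(resolve_ssl_files({"sslcert": "certs/client.crt"}, area, True))
```
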