| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Information of pg_stat_ssl visible to all users |
| Date: | 2015-06-09 04:00:15 |
| Message-ID: | CAB7nPqReR+MUupGA5wd9tywdhhgHkREnY9OEJemMxkd2zzrvQw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi all,
I should have noticed that before, but it happens that pg_stat_ssl
leaks information about the SSL status of all the users connected to a
server. Let's imagine for example:
1) Session 1 connected through SSL with a superuser:
=# create role toto login;
CREATE ROLE
=# select * from pg_stat_ssl;
pid | ssl | version | cipher | bits |
compression | clientdn
-------+-----+---------+-----------------------------+------+-------------+----------
33348 | t | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | 256 | t |
(1 row)
2) New session 2 with previously created user:
=> select * from pg_stat_ssl;
pid | ssl | version | cipher | bits |
compression | clientdn
-------+-----+---------+-----------------------------+------+-------------+----------
33348 | t | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | 256 | t |
33367 | t | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | 256 | t |
(2 rows)
Attached is a patch to mask those values to users that should not have
access to it, similarly to the other fields of pg_stat_activity.
Regards,
--
Michael
| Attachment | Content-Type | Size |
|---|---|---|
| 20150609_pgstat_ssl_leakfix.patch | text/x-diff | 2.0 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2015-06-09 04:04:20 | Re: Re: [COMMITTERS] pgsql: Map basebackup tablespaces using a tablespace_map file |
| Previous Message | David Rowley | 2015-06-09 03:55:14 | Aggregate Supporting Functions |