From: Harold Giménez <harold(at)heroku(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Subject: proposal: hide application_name from other users
Date: 2014-01-21 05:22:15
Message-ID: CACZOJr_TtZu2-hOPpRbSu=sJE_RR1_t6yM3X9H-=sZ6czE=7bQ@mail.gmail.com
Lists: pgsql-hackers
First of all, I apologize for submitting a patch and missing the commitfest
deadline. Given the size of the patch, I thought I'd submit it for your
consideration regardless.

This patch prevents non-superusers from viewing other users'
pg_stat_activity.application_name. This topic was discussed some time ago
[1] and consequently application_name was made world readable [2].

I would like to propose that we hide it instead by reverting to the
original behavior. There is a very large number of databases on the same
cluster shared across different users who can easily view each other's
application_name values. Along with that, there are some libraries that
default application_name to the name of the running process [3], which can
leak information about what web servers, queue systems, etc. applications
are running. Furthermore, leaking application names in a multi-tenant
environment is more information than an attacker should have access to on
services like Heroku and other similar providers.

Thanks and regards,
-Harold Giménez
[1] http://www.postgresql.org/message-id/14808.1259452069@sss.pgh.pa.us
[2] http://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=0c61cff57a1dc7685fcac9f09451b261f14cb711
[3] https://bitbucket.org/ged/ruby-pg/src/6c2444dc63e17eb695363993e8887cc5d67750bc/lib/pg/connection.rb?at=default#cl-44
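As an added example, not part of this mail or the attached patch, the following SQL shows how an operator of a shared cluster can audit what pg_stat_activity currently exposes to a non-superuser session and pin application_name to a neutral value instead of the library default the mail describes. The role and application name values (tenant-app) are constructed for illustration; the application_name connection parameter and PGAPPNAME environment variable are existing libpq settings.

```sql
-- Added example; not from Harold Giménez's mail or the attached patch.
-- Run as an ordinary (non-superuser) role on a shared cluster.
-- The value 'tenant-app' below is constructed for illustration.

-- 1. Audit what a non-superuser session can see about other backends.
--    pg_stat_activity already withholds the activity details of other
--    users' sessions from non-superusers; compare the rows for your own
--    session (own_session = true) with those of other users and note that
--    application_name is the column this proposal would add to the
--    withheld set.
SELECT pid,
       usename,
       datname,
       application_name,
       (usename = current_user) AS own_session
  FROM pg_stat_activity
 WHERE pid <> pg_backend_pid()
 ORDER BY own_session DESC, pid;

-- 2. Mitigation that works today, independent of the patch: set a neutral
--    application_name yourself rather than letting a client library default
--    it to the name of the running process. libpq takes it from the
--    application_name connection parameter or the PGAPPNAME environment
--    variable; it can also be set for the current session:
SET application_name = 'tenant-app';
SHOW application_name;

-- 3. Detect library defaults that leaked a process name: any value that
--    looks like a command path or daemon name is what other tenants on the
--    cluster can currently read.
SELECT application_name, count(*) AS sessions
  FROM pg_stat_activity
 WHERE application_name <> ''
 GROUP BY application_name
 ORDER BY sessions DESC;
```

Query 1 is the check to repeat after applying the patch: the application_name column for other users' sessions should then be blank for a non-superuser, while query 2 and 3 are the controls available without any server change.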
Attachment: hide_application_name_v1.patch (application/octet-stream, 1.1 KB)