From: | Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> |
---|---|
To: | Bruno Wolff III <bruno(at)wolff(dot)to>, Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com>, PG-General Mailing List <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Limiting DB access by role after initial connection? |
Date: | 2017-06-11 20:53:06 |
Message-ID: | CAD3a31XgnuFsoCK2P=dwpBs6NaiBY7h8Q_4Ju9yb5MGZ8_bKJQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Sun, Jun 11, 2017 at 12:15 PM, Bruno Wolff III <bruno(at)wolff(dot)to> wrote:
> On Fri, Jun 09, 2017 at 21:14:15 -0700,
> Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> wrote:
>
>> On Fri, Jun 9, 2017 at 5:38 PM, Bruno Wolff III <bruno(at)wolff(dot)to> wrote:
>>
>> Seems to me they are separate issues. App currently has access to the
>> password for accessing the DB. (Though I could change that to ident
>> access
>> and skip the password.) App 1) connects to the DB, 2) authenticates the
>> user (within the app), then 3) proceeds to process input, query the DB,
>> produce output. If step 2A becomes irrevocably changing to a
>> site-specific
>> role, then at least I know that everything that happens within 3 can't
>> cross the limitations of per-site access. If someone can steal my
>> password
>> or break into my backend, that's a whole separate problem that already
>> exists both now and in this new scenario.
>>
>
> In situations where a person has enough access to the app (e.g. it is a
> binary running on their desktop) to do spurious role changes, they likely
> have enough acces to hijack the database connection before privileges are
> dropped.
>
Ah yes, I could see that. In this case it's a web app, so only the server
has the DB credentials. I'd really hate it if each client had to be able
to access those credentials!
Cheers,
Ken
--
AGENCY Software
A Free Software data system
By and for non-profits
*http://agency-software.org/ <http://agency-software.org/>*
*https://agency-software.org/demo/client
<https://agency-software.org/demo/client>*
ken(dot)tanzer(at)agency-software(dot)org
(253) 245-3801
Subscribe to the mailing list
<agency-general-request(at)lists(dot)sourceforge(dot)net?body=subscribe> to
learn more about AGENCY or
follow the discussion.
From | Date | Subject | |
---|---|---|---|
Next Message | Paul Jungwirth | 2017-06-11 20:55:54 | Re: trying to program in PostgreSQL C a statistics function |
Previous Message | chuma.ofole | 2017-06-11 20:25:53 | Unsubscription |