| From: | Greg Sabino Mullane <htamfids(at)gmail(dot)com> |
|---|---|
| To: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | PATCH: Disallow a netmask of zero unless the IP is also all zeroes |
| Date: | 2025-02-11 20:05:33 |
| Message-ID: | CAKAnmmLszoyvq9vPcCwjbyKV=dvTko7fWH9wu77Ngg68=_4Dmw@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
I ran into this alarming mistake again the other day. Luckily it was on a
dev system. Someone sees an entry in a pg_hba.conf that looks like this:
host all all 0.0.0.0/0 md5
They are gobsmacked when they learn this means to let everyone in. So they
fix it by adding new entries that look like this:
host all all 10.2.55.4/0 md5
host all all 10.2.55.5/0 md5
host all all 10.2.55.6/0 md5
It should, of course, be:
host all all 10.2.55.4/32 md5
I say "of course" but few people (even tech ones) know the distinction.
(Nor should they have to! But that's for a nearby thread). This patch aims
to prevent this very bad footgun by only allowing a /0 if the IP consists
of only zeroes. It works for ipv4 and ipv6.
Cheers,
Greg
--
Crunchy Data - https://www.crunchydata.com
Enterprise Postgres Software Products & Tech Support
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-Only-allow-a-CIDR-mask-of-zero-if-the-IP-contains-only-zeroes.patch | application/x-patch | 1.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alexander Borisov | 2025-02-11 20:08:33 | Re: Optimization for lower(), upper(), casefold() functions. |
| Previous Message | Greg Sabino Mullane | 2025-02-11 20:04:51 | Proposal: allow non-masked IPs inside of pg_hba.conf |