Re: How to fork pg_dump or psql w/o leaking secrets?

From: "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>
To: Dominique Devienne <ddevienne(at)gmail(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Luca Ferrari <fluca1978(at)gmail(dot)com>, "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: Re: How to fork pg_dump or psql w/o leaking secrets?
Date: 2023-09-22 20:50:04
Message-ID: CAKFQuwYHKQrSV7rd74_C3Er_cYhWBtc9dVKazmi9BQ0uJp15hQ@mail.gmail.com
Lists: pgsql-general

On Friday, September 22, 2023, Dominique Devienne <ddevienne(at)gmail(dot)com>
wrote:

>
> Remember that I'm already connected in the "parent" process, to the DB.
> There ought to be a way to obtain a token from the DB via a connection,
> with a short duration, to supply to the exec'd PostgreSQL tools like psql
> or pg_dump, to completely bypass passwords. The server would maintain
> per-DB secrets, and sign a JWT token for example, valid for a few seconds,
> for that user/DB pair, that the parent "process" could then utilize / pass
> to the "fork/exec"d tool.
>
> Much safer than plain-text passwords floating around env-vars or
> temp-files. --DD
>

Sure, though maybe just some kind of "--password-on-stdin" option and then
the next input read from stdin is interpreted as the password, would be
more readily accomplished. Scripts should be sent via "--file" in that
usage but that seems desirable anyway.

David J.
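
The stdin hand-off suggested above, compared with the `PGPASSWORD` environment variable, as an added example that is not part of the original message or of PostgreSQL. `--password-on-stdin` is the hypothetical option from the message (psql and pg_dump do not have it), and the child is a constructed Python stand-in, not a PostgreSQL tool.

```python
import os
import subprocess
import sys

# Constructed stand-in for a tool with the hypothetical --password-on-stdin
# option: it takes the password from the first stdin line (or PGPASSWORD),
# then reports whether that secret is present in its own argv or environment.
CHILD = r'''
import os, sys
if "--password-on-stdin" in sys.argv:
    password = sys.stdin.readline().rstrip("\n")
else:
    password = os.environ.get("PGPASSWORD", "")
in_argv = any(password in a for a in sys.argv[1:])
in_env = any(password in v for v in os.environ.values())
print(len(password), int(in_argv), int(in_env))
'''

SECRET = "constructed-secret-123"  # sample value, not a real credential


def run_child(secret, via):
    """Spawn the stand-in child and deliver `secret` via 'stdin' or 'env'."""
    if not secret or "\n" in secret:
        # A line-based hand-off cannot carry an empty or multi-line secret.
        raise ValueError("secret must be a non-empty single line")
    # Start from the parent's environment without any inherited PGPASSWORD.
    env = {k: v for k, v in os.environ.items() if k != "PGPASSWORD"}
    args = [sys.executable, "-c", CHILD]
    data = ""
    if via == "stdin":
        args.append("--password-on-stdin")
        data = secret + "\n"          # travels over a pipe, read once by the child
    elif via == "env":
        env["PGPASSWORD"] = secret    # stays in the child's environment block
    else:
        raise ValueError(via)
    out = subprocess.run(args, input=data, env=env, capture_output=True,
                         text=True, check=True).stdout.split()
    return {"received_len": int(out[0]),
            "in_argv": bool(int(out[1])),
            "in_env": bool(int(out[2]))}


if __name__ == "__main__":
    for via in ("stdin", "env"):
        print(via, run_child(SECRET, via))
```
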
