Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue

From: Isaac Morland <isaac(dot)morland(at)gmail(dot)com>
To: Michael Paquier <michael(at)paquier(dot)xyz>
Cc: Jacob Champion <jchampion(at)timescale(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, Shaun Thomas <shaun(dot)thomas(at)enterprisedb(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue
Date: 2023-08-21 23:43:56
Message-ID: CAMsGm5fRxYVF+0JPGLyuKK_J5Hpj9sj=ecVdZ1UEe9yN6n8e_A@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Mon, 21 Aug 2023 at 19:23, Michael Paquier <michael(at)paquier(dot)xyz> wrote:

I am not sure that we need to change this historic term, TBH. Perhaps
> it would be shorter to just rip off the trust method from the tree
> with a deprecation period but that's not something I'm much in favor
> off either (I use it daily for my own stuff, as one example).
> Another, more conservative approach may be to make it a developer-only
> option and discourage more its use in the docs.
>

I hope we're not really considering removing the "trust" method. For
testing and development purposes it's very handy — just tell the database,
running in a VM, to allow all connections and just believe who they say
they are from a client process running in the same or a different VM, with
no production data anywhere in site and no connection to the real network.

If people are really getting confused and using it in production, then
change the documentation to make it even more clear that it is a
non-authenticating setting which is there specifically to bypass security
in testing contexts. Ultimately, real tools have the ability to cut your
arm off, and our documentation just needs to make clear which parts of
Postgres are like that.

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Jacob Champion 2023-08-21 23:44:33 Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue
Previous Message Michael Paquier 2023-08-21 23:25:11 Re: should frontend tools use syncfs() ?