Security - local(TRUST) and php/perl access

Security - local(TRUST) and php/perl access

am 19.04.2002 16:01:14 von dave

Currently we TRUST local users so pretty much any user can access any database
from the shell.
When PHP or Perl(DBI) accesses the postgres database, can they simply specify
any userid and database set as a local user would, or are they restricted to the
"host sameuser 0.0.0.0 0.0.0.0 password" setting in pg_hba.conf

Dave


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Re: Security - local(TRUST) and php/perl access

am 19.04.2002 18:10:30 von Josh Berkus

Dave,

> Currently we TRUST local users so pretty much any user can access any
> database
> from the shell.
> When PHP or Perl(DBI) accesses the postgres database, can they simply
> specify
> any userid and database set as a local user would, or are they
> restricted to the
> "host sameuser 0.0.0.0 0.0.0.0 password" setting in pg_hba.conf

Anything running on the same machine, whether a shell, PHP, or Perl, is
covered by the "trust" statement, unless you make the mistake of
routing your connection through an external interface.

However, I strongly reccommend against using "trust" on any public web
server.

-Josh Berkus

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org

Re: Security - local(TRUST) and php/perl access

am 19.04.2002 19:45:15 von dave

>Anything running on the same machine, whether a shell, PHP, or Perl, is
>covered by the "trust" statement, unless you make the mistake of
>routing your connection through an external interface.

this is what I was afraid of

>However, I strongly reccommend against using "trust" on any public web
>server.

agreed, thus my concern...

it appears however that if everything is set to password (or better) that
postgres doesn't start on reboot. the startup script reads

case $1 in
start)
[ -d /usr/local/pgsql/lib ] && /sbin/ldconfig -m /usr/local/pgsql/lib
[ -x /usr/local/pgsql/bin/pg_ctl ] && {
su -l pgsql -c \
'exec /usr/local/pgsql/bin/pg_ctl -w start > /usr/local/pgsql/errlog
echo -n ' pgsql'
}
;;

essentially what happens is that the startup waits for the password to be
entered, and as such that and any following services in the local/rc directory
are never started... it times out after a time (if memory serves).

workaround without security ramifications?

Dave


---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo@postgresql.org)