Re: Automating access grants - Mailing list pgsql-general

From: Stephen Frost
Subject: Re: Automating access grants
Msg-id: 20070315115242.GU31937@tamriel.snowman.net
In response to: Automating access grants ("Kynn Jones" <kynnjo@gmail.com>)
Responses: Re: Automating access grants ("Kynn Jones" <kynnjo@gmail.com>)
List: pgsql-general

* Kynn Jones (kynnjo@gmail.com) wrote:
> Now, supposing we have a fresh batch of host registration requests
> that have passed all the filters we may impose on them (i.e. they have
> been "approved" somehow).  How best to automate the process of
> granting access to these hosts?  I suppose that the script/program in
> charge of this could, in principle, update the pg_hba.conf file, and
> bounce the server with a suitable "kill -HUP", but I'm queasy about
> such unsupervised bouncing of the server.  I could use some words of
> wisdom on this topic.

Call the init.d script with 'reload' or call pg_ctl directly with
'reload'.

> More generally, are we even on the right track here?  Or is the whole
> idea of making our database publicly accessible totally foolish?

In general I'd recommend against making the database publicly available
(as in, allowing psql/etc connections on port 5432).  It depends a great
deal on what you're doing too though.

> We are specifically trying to avoid, at this initial stage at least,
> any solution that would require creating a proxy server for the sole
> purpose of authenticating and/or validating requests (e.g. ensuring
> that the request include a unique key, etc.)  Our hope is that we may
> be able to craft a solution using only PostgreSQL's standard security
> facilities that would be adequate for at least the first several
> months of operation, if not much longer.

One big question I have is, is this completely read-only?  Or is it
read-write?  Or what?  If it's something which is just read-only it
seems to me that it'd make more sense to write something in perl to pull
the data out of the database, put it into a portable format (ala csv or
similar) and provide that as a CGI.  You could then protect that using
a lot of different ways- apache htaccess style, something in the perl
code which checks a table in the database, etc.  Things are more
complicated if it's actually read/write. :)  If by 'host' you mean 'IP
address', then you really should probably also get your firewall
involved so that connections aren't even allowed to the PG port unless
they're coming from an approved IP (note that, of course, that doesn't
solve all problems..  MITAs, viruses/hackers, naughty upstreams, etc).

> Many thanks for your thoughts and opinions on this!

Good luck..

    Stephen
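
Added example, not part of the original message or of PostgreSQL itself: one way a grant script could regenerate a marked block of pg_hba.conf from the approved address list and then issue the `pg_ctl reload` suggested above. The marker comments, the `hostssl`/`md5` choices, and the database and role names passed in are assumptions made for illustration.

```python
import ipaddress
import os
import subprocess
import tempfile

BEGIN = "# BEGIN approved-hosts (generated, do not edit)"  # hypothetical marker
END = "# END approved-hosts (generated, do not edit)"      # hypothetical marker

def render_block(approved, database, user, method="md5"):
    """Build pg_hba.conf lines; anything that is not a bare IP raises ValueError."""
    ips = {ipaddress.ip_address(a.strip()) for a in approved}  # rejects CIDRs, names, 'all'
    lines = [BEGIN]
    for ip in sorted(ips, key=lambda i: (i.version, int(i))):
        prefix = 32 if ip.version == 4 else 128  # one host per rule, never a range
        lines.append(f"hostssl {database} {user} {ip}/{prefix} {method}")
    return lines + [END]

def merge(existing_text, block):
    """Swap out the previously generated block; hand-written rules stay untouched."""
    out, skipping, replaced = [], False, False
    for line in existing_text.splitlines():
        if line == BEGIN:
            skipping, replaced = True, True
            out.extend(block)
        elif line == END:
            skipping = False
        elif not skipping:
            out.append(line)
    if not replaced:
        out.extend(block)
    return "\n".join(out) + "\n"

def install(hba_path, new_text, data_dir):
    """Write atomically, then have the postmaster re-read the file (no restart)."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(hba_path))
    with os.fdopen(fd, "w") as fh:
        fh.write(new_text)
    os.replace(tmp, hba_path)  # readers never see a half-written file
    subprocess.run(["pg_ctl", "reload", "-D", data_dir], check=True)
```

Run `install` as the operating-system user that owns the data directory, so the rewritten file keeps the ownership the server expects.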
