On Tue, Jul 7, 2015 at 12:57:58PM -0400, Tom Lane wrote:
> Andres Freund <andres@anarazel.de> writes:
> > On 2015-07-07 12:03:36 -0400, Peter Eisentraut wrote:
> >> I think the DN is analogous to the remote user name, which we don't
> >> expose for any of the other authentication methods.
>
> > Huh?
>
> Peter's exactly right: there is no other case where you can tell what
> some other connection's actual OS username is. You might *guess* that
> it's the same as their database username, but you don't know that,
> assuming you don't know how they authenticated.
>
> I'm not sure how security-critical this info really is, though.
I know I am coming in late here, but I know Heroku uses random user
names to allow a cluster to have per-user databases without showing
external user name details:

=> \du
                                List of roles
   Role name    |                   Attributes                   | Member of
----------------+------------------------------------------------+-----------
 aafgrwewediiqz | 20 connections                                 | {}
 aaszwkfnholarh | 20 connections                                 | {}
 aatbelxbaeriwy | 20 connections                                 | {}
 aaxiwolkcxmbxo | 20 connections                                 | {}
 abbyljzgqaonjb | 20 connections                                 | {}

I can see them having problems with a user being able to see the SSL
remote user names of all connected users.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + Everyone has their own god. +