Re: [GENERAL] Limiting DB access by role after initial connection? - Mailing list pgsql-general

From Bruno Wolff III
Subject Re: [GENERAL] Limiting DB access by role after initial connection?
Date
Msg-id 20170611191555.GA26280@wolff.to
Whole thread Raw
In response to Re: [GENERAL] Limiting DB access by role after initial connection?  (Ken Tanzer <ken.tanzer@gmail.com>)
Responses Re: [GENERAL] Limiting DB access by role after initial connection?  (Ken Tanzer <ken.tanzer@gmail.com>)
List pgsql-general
On Fri, Jun 09, 2017 at 21:14:15 -0700,
  Ken Tanzer <ken.tanzer@gmail.com> wrote:
>On Fri, Jun 9, 2017 at 5:38 PM, Bruno Wolff III <bruno@wolff.to> wrote:
>
>Seems to me they are separate issues.   App currently has access to the
>password for accessing the DB.  (Though I could change that to ident access
>and skip the password.)  App 1) connects to the DB, 2) authenticates the
>user (within the app), then 3) proceeds to process input, query the DB,
>produce output.  If step 2A becomes irrevocably changing to a site-specific
>role, then at least I know that everything that happens within 3 can't
>cross the limitations of per-site access.  If someone can steal my password
>or break into my backend, that's a whole separate problem that already
>exists both now and in this new scenario.

In situations where a person has enough access to the app (e.g. it is a
binary running on their desktop) to do spurious role changes, they likely
have enough acces to hijack the database connection before privileges
are dropped.


pgsql-general by date:

Previous
From: Pavel Stehule
Date:
Subject: Re: [GENERAL] Inconsistent performance with LIKE and bind variable onlong-lived connection
Next
From: Andrew Kerber
Date:
Subject: Re: [GENERAL] Huge Pages - setting the right value