Re: Client Messages - Mailing list pgsql-hackers

From Fujii Masao
Subject Re: Client Messages
Date
Msg-id CAHGQGwHM=U+Z_4ezO_tcW9bukBV2bdHg0ve3zMExhqZyX3h8ng@mail.gmail.com
Whole thread Raw
In response to Client Messages  (Jim Mlodgenski <jimmy76@gmail.com>)
Responses Re: Client Messages
List pgsql-hackers
On Fri, Jan 6, 2012 at 1:38 AM, Jim Mlodgenski <jimmy76@gmail.com> wrote:
> I have a need to send banner messages to a psql client that I can set
> on the server and will be displayed on any psql client that connects
> to the database. This would be mostly used as an additional indicator
> to which database you are connecting, but could also be used by people
> to force their users to see an security message when connecting to the
> database. The attached patch will allow you to execute
>
> ALTER DATABASE postgres SET
> client_message=E'********************************************************************************\nBEWARE:
> You are connecting to a production database. If you do anything to\n
>     bring this server down, you will be destroyed by your supreme
> overlord.\n********************************************************************************\n';
>
> And then when you connect to psql, you will see:
>
> [e3@workstation bin]$ ./psql -U user1 postgres
> psql (9.2devel)
> ********************************************************************************
> BEWARE: You are connecting to a production database. If you do anything to
>        bring this server down, you will be destroyed by your supreme overlord.
> ********************************************************************************
>
> Type "help" for help.
>
> postgres=>
>
>
> Any feedback is welcome.

Adding new GUC parameter only for the purpose of warning psql users
seems overkill to me. Basically we try to reduce the number of GUC
parameters to make a configuration easier to a user, so I don't think that
it's good idea to add new GUC for such a small benefit. Instead, how
about using .psqlrc file and writing a warning message in it by using
\echo command?

Anyway, I found one problem in the patch. The patch defines client_message
as PGC_USERSET parameter, which means that any psql can falsify a
warning message, e.g., by setting the environment variable PGOPTIONS
to "-c client_message=hoge". This seems to be something to avoid from
security point of view.

Regards,

--
Fujii Masao
NIPPON TELEGRAPH AND TELEPHONE CORPORATION
NTT Open Source Software Center


pgsql-hackers by date:

Previous
From: Noah Misch
Date:
Subject: Re: psql \timing vs failed statements
Next
From: Fujii Masao
Date:
Subject: Re: Avoiding shutdown checkpoint at failover