Home > mailing lists

Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue
Date	August 22, 2023 02:58:42
Msg-id	ZOP6MvCDjLXPpOGD@paquier.xyz Whole thread Raw
In response to	Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue (Isaac Morland <isaac.morland@gmail.com>)
List	pgsql-hackers

Tree view

On Mon, Aug 21, 2023 at 07:43:56PM -0400, Isaac Morland wrote:
> I hope we're not really considering removing the "trust" method. For
> testing and development purposes it's very handy — just tell the database,
> running in a VM, to allow all connections and just believe who they say
> they are from a client process running in the same or a different VM, with
> no production data anywhere in site and no connection to the real network.

For some benchmarking scenarios, it can actually be useful when
testing cases where new connections are spawned as it bypasses
entirely the authentication path, moving the bottlenecks to different
areas one may want to stress.
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: Michael Paquier
Date: 22 August 2023, 02:56:26
Subject: Re: should frontend tools use syncfs() ?

From: Peter Smith
Date: 22 August 2023, 03:31:25
Subject: Re: [PoC] pg_upgrade: allow to upgrade publisher node

Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue - Mailing list pgsql-hackers

Attachment

Previous

Next