Re: Restricting user -> database access.
From | Tom Lane
---|---
Subject | Re: Restricting user -> database access.
Date | 
Msg-id | 13993.998453657@sss.pgh.pa.us
In reply to | Re: Restricting user -> database access. ("C. Bensend" <benny@bennyvision.com>)
List | pgsql-admin
"C. Bensend" <benny@bennyvision.com> writes:
> local all crypt
> host all 127.0.0.1 255.255.255.255 crypt
> hostssl bobsdb a.b.c.d 255.255.255.255 ident sameuser

> In response to "you have additional pg_hba lines that you're
> not showing us", that's all I have. Honestly.

The above lines say that anyone coming from the local machine (over either
a Unix socket or loopback IP) can get into any database if they supply a
valid Postgres userid and password. Anyone coming from a.b.c.d (I assume
this is *not* your local machine) can get into only bobsdb, and only if the
Postgres userid they specify matches what ident reports as their Unix
userid.

Perhaps you want "sameuser" instead of "all" in the first two lines.

You're correct that psql's \c doesn't re-prompt for the password if the one
originally given is still accepted. Offhand that does not strike me as a
security lapse.

> hostssl balmer a.b.c.d 255.255.255.255 ident sameuser
> hostssl ertz a.b.c.d 255.255.255.255 ident sameuser

> As user 'balmer' from the client machine, I can connect to
> the 'balmer' database. Yay. :) And now, as balmer, I can
> "\c ertz" and connect to the ertz database. Not so good. :(

Sure enough, that's what the config file says is allowed. Try replacing
these two lines with

    hostssl sameuser a.b.c.d 255.255.255.255 ident sameuser

which I think is closer to the behavior you are looking for.

regards, tom lane
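The following is an added illustration, not code from the thread or from PostgreSQL itself: a small Python model of how pg_hba.conf records of the 7.x style shown above are matched (first matching record wins; the database column accepts "all", "sameuser" or a name), applied to the poster's two per-database lines and to Tom's suggested "sameuser" replacement. The address 192.0.2.10 is a constructed stand-in for the thread's "a.b.c.d", and the auth method column is recorded but not evaluated.

```python
import ipaddress
from collections import namedtuple

# conn_type: local/host/hostssl; database: "all", "sameuser" or a name;
# address/netmask: old-style dotted pair (empty for local); auth: recorded only.
HbaRule = namedtuple("HbaRule", "conn_type database address netmask auth")

def parse_hba(text):
    """Parse 7.x-style pg_hba.conf records of the shape used in the thread."""
    rules = []
    for line in text.splitlines():
        f = line.split("#", 1)[0].split()
        if not f:
            continue
        if f[0] == "local":
            rules.append(HbaRule(f[0], f[1], "", "", " ".join(f[2:])))
        else:
            rules.append(HbaRule(f[0], f[1], f[2], f[3], " ".join(f[4:])))
    return rules

def first_matching_rule(rules, conn_type, database, user, client_ip=None):
    """pg_hba is first-match: the first record whose type, address and
    database column fit the attempt decides the auth method, or rejection."""
    for r in rules:
        if r.conn_type != conn_type:
            continue
        if conn_type != "local":
            net = ipaddress.IPv4Network(f"{r.address}/{r.netmask}", strict=False)
            if ipaddress.IPv4Address(client_ip) not in net:
                continue
        if r.database == "all" or r.database == database \
                or (r.database == "sameuser" and database == user):
            return r
    return None

# Constructed sample configs; 192.0.2.10 stands in for the thread's "a.b.c.d".
ORIGINAL = """\
local   all       crypt
host    all       127.0.0.1   255.255.255.255  crypt
hostssl balmer    192.0.2.10  255.255.255.255  ident sameuser
hostssl ertz      192.0.2.10  255.255.255.255  ident sameuser
"""
FIXED = """\
local   all       crypt
host    all       127.0.0.1   255.255.255.255  crypt
hostssl sameuser  192.0.2.10  255.255.255.255  ident sameuser
"""

def can_connect(config, database, user, conn_type="hostssl", client_ip="192.0.2.10"):
    return first_matching_rule(parse_hba(config), conn_type, database, user, client_ip) is not None
```

With ORIGINAL, balmer reaches ertz because the separate "hostssl ertz" record matches any user from that address; with FIXED, only the database whose name equals the userid matches.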