Re: psql and security
From | Zeugswetter Andreas SB SD |
---|---|
Subject | Re: psql and security |
Date | |
Msg-id | 46C15C39FEB2C44BA555E356FBCD6FA421273E@m0114.s-mxs.net |
In reply to | psql and security (Tatsuo Ishii <t-ishii@sra.co.jp>) |
List | pgsql-hackers |
> > As you can see, psql reconnects as any user if the password is the same as
> > foo. Of course this is due to the careless password setting, but I
> > think it's better to prompt ANY TIME the user tries to switch to
> > another user.
>
> I'm not sure. A few users have voiced concerns about this before, but we
> have no count of the users that might enjoy this convenience. ;-)
>
> Basically, the attack scenario here is that if you have a psql running and
> leave your terminal, someone else can come in and get access to any other
> database that you might have access to, without knowing your password.
> But given a running psql, figuring out the password isn't so hard (running
> a debugger or inducing a core dump would be likely options), and
> concluding that this password is valid for all databases is trivial since
> that's the default setup.

This feature was added to conveniently let an already connected user switch to another database. Imho you could distinguish the exact case at hand, where a new user was specified, and prompt for a new password.

Andreas