Re: [HACKERS] PAM authentication fails for local UNIX users
From | Dhanaraj M |
---|---|
Subject | Re: [HACKERS] PAM authentication fails for local UNIX users |
Date | |
Msg-id | 46CACD98.3040102@sun.com |
Replies | Re: [HACKERS] PAM authentication fails for local UNIX users |
List | pgsql-patches |
Hi all,

This is the continuation of the discussion that we had in the hackers list.
http://www.postgresql.org/docs/8.2/interactive/auth-methods.html#AUTH-PAM

Here, I would like to add some details in the 20.2.6. PAM authentication section.
Can someone review and make changes, if required?

Thanks.

*** client-auth.sgml.orig Tue Aug 21 16:52:45 2007
--- client-auth.sgml Tue Aug 21 17:02:52 2007
***************
*** 987,992 ****
--- 987,1001 ----
  and the <ulink url="http://www.sun.com/software/solaris/pam/">
  <systemitem class="osname">Solaris</> PAM Page</ulink>.
  </para>
+
+ <note>
+ <para>
+ The local UNIX user authentication is not permitted,
+ because the postgres server is started by a non-root user.
+ In order to enable this functionality, the root user must provide
+ additional permissions to the postgres user (for reading /etc/shadow file).
+ </para>
+ </note>
  </sect2>
  </sect1>

>
>
> Zdenek Kotala wrote:
>>
>> The problem that Dhanaraj tries to address is how to securely solve the
>> problem with PAM and local users. Other servers (e.g. sshd) allow
>> running the master under root (with limited privileges) and the forked
>> process under a normal user. But postgresql
>> requires starting as a non-root user. This prevents using that common pattern.
>>
>> There is an important question:
>>
>> Is the current requirement to run postgresql under a non-root user OK? If yes,
>> then we must update the PAM documentation to explain this situation, which
>> will never work securely. Or if we say no, it is a stupid limitation (in
>> the case when UID 0 says nothing about the user's privileges), then we must
>> start a discussion about a solution.
>>
>>
>
> For now I think we should update the docs. You really can't compare
> postgres with sshd - ssh connections are in effect autonomous. I
> suspect the changes involved in allowing us to run as root and then
> give up privileges safely would be huge, and the gain quite small.
>
> I'd rather see an HBA fallback mechanism, which I suspect might
> overcome most of the problems being encountered here.
>
> cheers
>
> andrew

--
================================
Dhanaraj M x40049/+91-9880244950
Solaris RPE, Bangalore, India
http://blogs.sun.com/dhanarajm/
================================
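Review bot: the added <note> states the cause too strongly and omits the cost of the fix it recommends. Authentication of local UNIX accounts is not "not permitted"; it fails because the server runs as a non-root user that cannot read /etc/shadow, which is what pam_unix needs to verify a password, so the first sentence should give that cause (e.g. "PAM authentication of local UNIX accounts normally fails because the server runs as a non-root user and cannot read <filename>/etc/shadow</>"). The second sentence presents giving the postgres user read access to /etc/shadow as an enabling step without saying what it means: the server process then holds the password hashes of every local account, which is the "will never work securely" point raised in the quoted discussion, and the note should state that trade-off rather than leave it implicit. As a style point, wrap the path in <filename> and the server name in <productname>, consistent with the DocBook markup (<systemitem>, <ulink>) in the surrounding context lines.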
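As an added example, not code from this thread or from PostgreSQL: a Python check that parses pg_hba.conf, lists the entries that use the pam method, and reports whether the OS user the server runs as can read /etc/shadow, which is the condition the proposed note describes. The pg_hba.conf content below is constructed, the shadow path is a parameter so the check can be pointed at a test path, and the message texts and helper names are the example's own.

```python
"""Check which pg_hba.conf entries route through PAM and whether the OS user
the server runs as can read the shadow file.  Added example for the failure
discussed in the thread; not code from the thread or from PostgreSQL.
SAMPLE_PG_HBA is a constructed file and the shadow path is a parameter."""

import os
import pwd
import shlex

# Constructed pg_hba.conf sample (the real one lives in the data directory).
SAMPLE_PG_HBA = """\
# TYPE  DATABASE  USER  ADDRESS       METHOD
local   all       all                 pam
local   sameuser  all                 pam  pamservice=postgresql
host    all       all   127.0.0.1/32  md5
host    all       app   10.0.0.0/8    pam  pamservice=pgsql
hostssl all       all   ::1/128       trust
"""

DEFAULT_PAM_SERVICE = "postgresql"  # PostgreSQL's default when pamservice is unset


def parse_pg_hba(text):
    """Parse pg_hba.conf into a list of dicts.

    Columns are TYPE DATABASE USER [ADDRESS] METHOD [OPTIONS...]; only the
    'local' (UNIX-domain socket) type lacks the ADDRESS column.  Comments and
    blank lines are skipped; values are split with shell-like quoting, an
    approximation of the server's own tokenizer (example assumption).
    """
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = shlex.split(line)
        has_address = fields[0] != "local"
        method_idx = 4 if has_address else 3
        if len(fields) <= method_idx:
            raise ValueError(f"pg_hba.conf line {lineno}: too few fields: {raw!r}")
        options = {}
        for opt in fields[method_idx + 1:]:
            key, _, value = opt.partition("=")
            options[key] = value
        entries.append({
            "line": lineno,
            "type": fields[0],
            "database": fields[1],
            "user": fields[2],
            "address": fields[3] if has_address else None,
            "method": fields[method_idx],
            "options": options,
        })
    return entries


def pam_entries(entries):
    """Entries whose METHOD is pam; these are the ones the note concerns."""
    return [e for e in entries if e["method"] == "pam"]


def shadow_readable(shadow_path):
    """True if this process can read the shadow file.

    pam_unix reads it to verify a local account's password hash.  A server
    running as an unprivileged user normally cannot, so PAM authentication of
    local UNIX accounts fails; on Linux the setuid unix_chkpwd helper only
    verifies the password of the process's own account, not other users'.
    """
    return os.access(shadow_path, os.R_OK)


def current_user():
    """Name of the effective user, falling back to the numeric uid."""
    uid = os.geteuid()
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return str(uid)


def diagnose(text, shadow_path="/etc/shadow"):
    """Return (pam entries, shadow readable?, one message per pam entry)."""
    pam = pam_entries(parse_pg_hba(text))
    readable = shadow_readable(shadow_path)
    who = current_user()
    messages = []
    for e in pam:
        service = e["options"].get("pamservice", DEFAULT_PAM_SERVICE)
        where = e["address"] or "local socket"
        prefix = f"line {e['line']}: pam service {service!r} for {where}: "
        if readable:
            messages.append(prefix + f"{who} can read {shadow_path}; "
                            "local-account passwords can be checked")
        else:
            messages.append(prefix + f"{who} cannot read {shadow_path}; "
                            "pam_unix cannot verify local-account passwords")
    return pam, readable, messages


if __name__ == "__main__":
    for msg in diagnose(SAMPLE_PG_HBA)[2]:
        print(msg)
```

Run it as the OS user that starts the server (typically postgres) to see which pg_hba.conf entries are affected; running it as root will report the shadow file as readable, which says nothing about what the unprivileged server process can do.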