Re: pg_ident.hba on a single-user, multi-app machine
| От | Adrian Klaver |
|---|---|
| Тема | Re: pg_ident.hba on a single-user, multi-app machine |
| Дата | |
| Msg-id | 53EFC35C.8010806@aklaver.com обсуждение исходный текст |
| Ответ на | pg_ident.hba on a single-user, multi-app machine (Matt Silverlock <matt@eatsleeprepeat.net>) |
| Список | pgsql-general |
On 08/16/2014 07:47 AM, Matt Silverlock wrote: > Hi all. > > Trying to rationalise my pg_hba.conf and pg_ident.conf configuration on > a Debian/Ubuntu machine where: > > * One primary application user (“deploy”) runs web applications > * postgres, nginx, et. al run under their own users > * Using a Unix socket for connecting to PostgreSQL on the same machine > (if I split the machines up at some point in the future, I’ll just run > TCP + SSL w/ strict IP filtering) > > At the moment I’m using the following approach, where each database user > (unique per application) only has permissions for its own database. > Users are mapped to the “deploy” user so that peer authentication can work. > > What are the outstanding risks here? The only ‘likely’ scenario (short > of the box itself being compromised) is if the app is compromised/flawed > (i.e. some uncaught SQLi vuln in a lib) then it can drop its own tables, > but not the tables of any other application running under the same OS user. > > (Heck, can you even have multiple applications talking to the same Unix > socket?) Yes. Here is a good description of how: http://stackoverflow.com/questions/9644251/how-do-unix-domain-sockets-differentiate-between-multiple-clients > > Thanks in advance. -- Adrian Klaver adrian.klaver@aklaver.com
В списке pgsql-general по дате отправления: