Re: Information of pg_stat_ssl visible to all users
| От | Magnus Hagander |
|---|---|
| Тема | Re: Information of pg_stat_ssl visible to all users |
| Дата | |
| Msg-id | CABUevEw5hbgFjKjDB3a16n+jzP4o-O_nyBYUm4zy9kCwS5RqZw@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Information of pg_stat_ssl visible to all users (Michael Paquier <michael.paquier@gmail.com>) |
| Ответы |
Re: Information of pg_stat_ssl visible to all users
|
| Список | pgsql-hackers |
On Sun, Aug 30, 2015 at 5:35 AM, Michael Paquier <michael.paquier@gmail.com> wrote:
On Sun, Aug 30, 2015 at 5:27 AM, Bruce Momjian wrote:I know I am coming in late here, but I know Heroku uses random user
names to allow a cluster to have per-user databases without showing
external user name details:
[...]
I can see them having problems with a user being able to see the SSL
remote user names of all connected users.Yep, and I can imagine that this is the case of any company managing cloud nodes with Postgres embedded, and at least to me that's a real concern.
How is it a concern that a CN field with a random username in it is visible, when showing the actual random username isn't? That's not very consistent...
В списке pgsql-hackers по дате отправления: