Re: [GENERAL] DHCP and pg_hba.conf
From | Chris Jones |
---|---|
Subject | Re: [GENERAL] DHCP and pg_hba.conf |
Date | |
Msg-id | x6zosb63wp.fsf@reddwarf.rightnowtech.com |
In reply to | DHCP and pg_hba.conf (Ron Atkins <theotiwii@earthlink.net>) |
List | pgsql-general |
Ron Chmara <ron@opus1.com> writes:

> running security off of names would be much slower, as each session had
> to waste time on name lookups rather than just mapping to the address.

Another note: Many programs which implement host-based ACLs seem to just do a reverse lookup on the IP of the client. This is a very bad idea (IMHO): Let's say you're running a database that allows connections from yourdomain.com, and I want to break in. If I control a nameserver that's authoritative for my own IP address range, I can break in simply by creating a PTR record for my machine which points to "something.yourdomain.com."

The right way to implement host-based ACLs is to do a double lookup; resolve the IP to a hostname, and then verify that the hostname resolves back to the original IP. With such a system in place in PostgreSQL, it might be more reasonable to allow something like "%.accounting.mycompany.com" in an ACL.

Chris

-- 
----------------------------------------------------
cjones@rightnowtech.com
Chris Jones
System Administrator, Right Now Technologies, Inc.
"Is this going to be a stand-up programming session, sir, or another bug hunt?"
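The double lookup described in the message above (forward-confirmed reverse DNS), as an added example that is not part of the original post and not PostgreSQL code. The PTR and A records are constructed inline so the script runs offline; `reverse_lookup` and `forward_lookup` are assumed stand-ins for a real resolver, and the `%` wildcard is interpreted as the message suggests (anything, including dots). Address 198.51.100.7 plays the attacker with a forged PTR record; 203.0.113.10 is a legitimate host in the allowed subdomain.

```python
"""Forward-confirmed reverse DNS for a hostname-based ACL.

A reverse-only check accepts whatever PTR the client's own reverse zone
returns.  The confirmed check additionally resolves that name forward and
requires the original IP to be among its A records, so a forged PTR that
points into someone else's domain does not match.
"""
import ipaddress
from fnmatch import fnmatchcase

# Constructed DNS data (assumption: stands in for live PTR/A answers).
PTR_RECORDS = {
    "203.0.113.10": ["db1.accounting.mycompany.com."],
    # Attacker controls the reverse zone for 198.51.100.0/24 and plants
    # a PTR that claims to be inside the allowed domain.
    "198.51.100.7": ["something.accounting.mycompany.com."],
    "192.0.2.5": ["host5.example.net."],
}
A_RECORDS = {
    "db1.accounting.mycompany.com.": ["203.0.113.10"],
    "host5.example.net.": ["192.0.2.5"],
    # mycompany.com's forward zone has no "something" record, so the
    # forged PTR name never resolves back to 198.51.100.7.
}


def reverse_lookup(ip):
    """Hypothetical resolver: PTR names for an IP (empty on NXDOMAIN)."""
    return PTR_RECORDS.get(ip, [])


def forward_lookup(name):
    """Hypothetical resolver: A records for a fully qualified name."""
    return A_RECORDS.get(name, [])


def _canon(name):
    """Normalise a DNS name for comparison: no trailing dot, lowercase."""
    return name.rstrip(".").lower()


def _glob(acl_pattern):
    """Turn '%.accounting.mycompany.com' into a case-insensitive glob."""
    return _canon(acl_pattern).replace("%", "*")


def confirmed_hostnames(ip, reverse=reverse_lookup, forward=forward_lookup):
    """PTR names for ip whose forward A records contain ip itself."""
    addr = ipaddress.ip_address(ip)          # also rejects malformed input
    confirmed = []
    for name in reverse(str(addr)):
        forward_addrs = set()
        for a in forward(name):
            try:
                forward_addrs.add(ipaddress.ip_address(a))
            except ValueError:
                continue                     # ignore junk answers
        if addr in forward_addrs:
            confirmed.append(_canon(name))
    return confirmed


def naive_allowed(ip, acl_patterns, reverse=reverse_lookup):
    """The weak check: trust the PTR name alone."""
    addr = ipaddress.ip_address(ip)
    names = [_canon(n) for n in reverse(str(addr))]
    return any(fnmatchcase(n, _glob(p)) for n in names for p in acl_patterns)


def host_allowed(ip, acl_patterns, reverse=reverse_lookup, forward=forward_lookup):
    """The double lookup: only forward-confirmed names may match the ACL."""
    names = confirmed_hostnames(ip, reverse, forward)
    return any(fnmatchcase(n, _glob(p)) for n in names for p in acl_patterns)


if __name__ == "__main__":
    acl = ["%.accounting.mycompany.com"]
    for client in ("203.0.113.10", "198.51.100.7", "192.0.2.5"):
        print(client, "naive:", naive_allowed(client, acl),
              "confirmed:", host_allowed(client, acl))
```

Note that the confirmed check still trusts the forward zone for mycompany.com; an attacker who can write A records there has already won, which is the intended trust boundary. It does not protect against spoofed or poisoned resolver answers, so it is a complement to, not a substitute for, address-based rules and transport authentication.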