Re: Getting rid of the flat authentication file
| От | Tom Lane |
|---|---|
| Тема | Re: Getting rid of the flat authentication file |
| Дата | |
| Msg-id | 9961.1251475930@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Getting rid of the flat authentication file ("Joshua D. Drake" <jd@commandprompt.com>) |
| Ответы |
Re: Getting rid of the flat authentication file
|
| Список | pgsql-hackers |
"Joshua D. Drake" <jd@commandprompt.com> writes:
> On Fri, 2009-08-28 at 11:52 -0400, Tom Lane wrote:
>> I've thought of an easier way to handle this: if the given database name
>> is invalid, connect to database "postgres" instead, and perform
>> authentication using normal access to the pg_auth catalogs. If
>> authentication succeeds, *then* throw the error about nonexistent
>> database. If "postgres" is not there, we'd still expose existence
>> of the original database name early, but how many installations don't
>> have that?
> I run into it all the time. People drop the postgres database as not
> needed.
Well, it isn't, unless you are worried about a third-order security
issue like whether someone can identify database names by a brute
force attack. The only problem if it's not there is we'll throw the
"no such db" error before user validation instead of after. I'm feeling
that that isn't worth a large expenditure of effort, as long as there's
a reasonable way to configure the system so it is secure if you care
about that.
regards, tom lane
В списке pgsql-hackers по дате отправления: