Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue

Поиск
Список
Период
Сортировка
От Shaun Thomas
Тема Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue
Дата
Msg-id CAFdbL1OCKyU46GbwqdQ3zh_UXp5mG6GaPJyA0u==kitKWSr6zQ@mail.gmail.com
обсуждение исходный текст
Ответ на Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue  (Michael Paquier <michael@paquier.xyz>)
Ответы Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue  (Jacob Champion <jchampion@timescale.com>)
Список pgsql-hackers
Дерево обсуждения 
> We could do something like a LOG "connection: method=%s user=%s
> (%s:%d)", without the "authenticated" and "identity" terms from
> set_authn_id().  Just to drop an idea.

That would be my inclination as well. Heck, just slap a log message
right in the specific case statements that don't have actual auth as
defined by set_authn_id. This assumes anyone really cares about it
that much, of course. :D

-- 
Shaun

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Michael Paquier
Дата:
Сообщение: Re: WIP: new system catalog pg_wait_event
Следующее
От: Peter Eisentraut
Дата:
Сообщение: Re: Handle infinite recursion in logical replication setup