Thread: reduce pg_hba.conf restrictions ...

reduce pg_hba.conf restrictions ...

From
The Hermit Hacker
Date:
is there any reason why we can't make the permissions on pg_hba.conf 600
vs 400?  the data directory itself is only readable by the 'superuser'...

Marc G. Fournier                   ICQ#7615664               IRC Nick: Scrappy
Systems Administrator @ hub.org 
primary: scrappy@hub.org           secondary: scrappy@{freebsd|postgresql}.org 



RE: [HACKERS] reduce pg_hba.conf restrictions ...

From
Vince Vielhaber
Date:
On 01-Feb-00 The Hermit Hacker wrote:
> 
> is there any reason why we can't make the permissions on pg_hba.conf 600
> vs 400?  the data directory itself is only readable by the 'superuser'...

Depends on what you edit with.  If you use vi you can override the perms,
if you use ee (like I do) you swear a lot then change them yourself :)

Vince.
-- 
==========================================================================
Vince Vielhaber -- KA8CSH    email: vev@michvhf.com    http://www.pop4.net
 128K ISDN: $24.95/mo or less - 56K Dialup: $17.95/mo or less at Pop4
       Online Campground Directory    http://www.camping-usa.com
       Online Giftshop Superstore    http://www.cloudninegifts.com
==========================================================================




RE: [HACKERS] reduce pg_hba.conf restrictions ...

From
The Hermit Hacker
Date:
On Mon, 31 Jan 2000, Vince Vielhaber wrote:

> 
> On 01-Feb-00 The Hermit Hacker wrote:
> > 
> > is there any reason why we can't make the permissions on pg_hba.conf 600
> > vs 400?  the data directory itself is only readable by the 'superuser'...
> 
> Depends on what you edit with.  If you use vi you can override the perms,
> if you use ee (like I do) you swear a lot then change them yourself :)

I use vi and "swear a lot then change them yourself" :)

but, why are we bothering to swear instead of just changing them, is my
question :)

Marc G. Fournier                   ICQ#7615664               IRC Nick: Scrappy
Systems Administrator @ hub.org 
primary: scrappy@hub.org           secondary: scrappy@{freebsd|postgresql}.org 



Re: [HACKERS] reduce pg_hba.conf restrictions ...

From
Tom Lane
Date:
The Hermit Hacker <scrappy@hub.org> writes:
> is there any reason why we can't make the permissions on pg_hba.conf 600
> vs 400?  the data directory itself is only readable by the 'superuser'...

I think the motivation may have been to prevent an attacker who manages
to connect as superuser from overwriting the pg_hba.conf file with
something more liberal (using backend-side COPY).  However, if he's
already managed to connect as superuser, it's difficult to see what
he needs more-liberal connection privileges for.

600 does seem a lot more convenient for the admin.  400 might save
the admin from some simple kinds of human error --- but not if he's
already in the habit of overriding the protection whenever he updates
the file.

In short, I agree.  Does anyone else see any real security gain from
making it 400?
        regards, tom lane
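
The thread's reasoning rests on two things: the data directory being closed to everyone but its owner, and 400 versus 600 on pg_hba.conf differing only in the owner-write bit. The check below is an added example, not part of the original messages or of PostgreSQL; `audit_hba`, `make_sample` and the temporary sample directory are assumptions made for illustration.

```python
import os
import stat
import tempfile


def audit_hba(data_dir, hba_name="pg_hba.conf"):
    """Check the properties the thread relies on; return (problems, owner_writable).

    0400 and 0600 both pass: they differ only in the owner-write bit, which is
    reported separately because the thread treats it as a convenience question.
    """
    problems = []
    dir_st = os.stat(data_dir)
    hba_st = os.lstat(os.path.join(data_dir, hba_name))  # lstat: do not follow links

    if not stat.S_ISREG(hba_st.st_mode):
        return ["%s is not a regular file" % hba_name], False

    dir_mode = stat.S_IMODE(dir_st.st_mode)
    hba_mode = stat.S_IMODE(hba_st.st_mode)
    if dir_mode & 0o077:
        problems.append("data directory is accessible to group/other (%04o)" % dir_mode)
    if hba_mode & 0o077:
        problems.append("%s is accessible to group/other (%04o)" % (hba_name, hba_mode))
    if hba_st.st_uid != dir_st.st_uid:
        problems.append("%s is not owned by the data directory owner" % hba_name)
    return problems, bool(hba_mode & stat.S_IWUSR)


def make_sample(dir_mode, hba_mode):
    """Build a constructed data directory (sample input, not a real cluster)."""
    data_dir = tempfile.mkdtemp(prefix="pgdata-sample-")
    hba = os.path.join(data_dir, "pg_hba.conf")
    with open(hba, "w") as fh:
        fh.write("# constructed sample, no real entries\n")
    os.chmod(hba, hba_mode)
    os.chmod(data_dir, dir_mode)
    return data_dir


if __name__ == "__main__":
    for dir_mode, hba_mode in [(0o700, 0o400), (0o700, 0o600), (0o755, 0o644)]:
        print("%04o/%04o ->" % (dir_mode, hba_mode), audit_hba(make_sample(dir_mode, hba_mode)))
```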