Обсуждение: Security - local(TRUST) and php/perl access

Currently we TRUST local users so pretty much any user can access any database
from the shell.
When PHP or Perl(DBI) accesses the postgres database, can they simply specify
any userid and database set as a local user would, or are they restricted to the
"host sameuser 0.0.0.0 0.0.0.0 password" setting in pg_hba.conf

Dave

Dave,

> Currently we TRUST local users so pretty much any user can access any
> database
> from the shell.
> When PHP or Perl(DBI) accesses the postgres database, can they simply
> specify
> any userid and database set as a local user would, or are they
> restricted to the
> "host sameuser 0.0.0.0 0.0.0.0 password" setting in pg_hba.conf

Anything running on the same machine, whether a shell, PHP, or Perl, is
covered by the "trust" statement, unless you make the mistake of
routing your connection through an external interface.

However, I strongly reccommend against using "trust" on any public web
server.

-Josh Berkus

>Anything running on the same machine, whether a shell, PHP, or Perl, is
>covered by the "trust" statement, unless you make the mistake of
>routing your connection through an external interface.

this is what I was afraid of

>However, I strongly reccommend against using "trust" on any public web
>server.

agreed, thus my concern...

it appears however that if everything is set to password (or better) that
postgres doesn't start on reboot.  the startup script reads

case $1 in
start)
    [ -d /usr/local/pgsql/lib ] && /sbin/ldconfig -m /usr/local/pgsql/lib
    [ -x /usr/local/pgsql/bin/pg_ctl ] && {
        su -l pgsql -c \
            'exec /usr/local/pgsql/bin/pg_ctl -w start > /usr/local/pgsql/errlog
        echo -n ' pgsql'
    }
    ;;

essentially what happens is that the startup waits for the password to be
entered, and as such that and any following services in the local/rc directory
are never started... it times out after a time (if memory serves).

workaround without security ramifications?

Dave