Sender: owner-postgres95@postgres.Berkeley.EDU
X-Return-Path: andrew_yu
Received: from rachael.franken.de (rachael.franken.de [131.188.40.80]) by nobozo.CS.Berkeley.EDU (8.6.10/8.6.3) with SMTP id KAA29978 for <postgres95@postgres.berkeley.edu>; Tue, 7 Nov 1995 10:30:06 -0800
Received: from forge by rachael.franken.de with uucp
	(Smail3.1.28.1 #14) id m0tCslw-000oKKC; Tue, 7 Nov 95 19:29 MET
Received: by forge.franken.de (Smail3.1.29.1 #4)
	id m0tCq0N-000kW8C; Tue, 7 Nov 95 16:32 MET
Received: from GATEWAY by forge with netnews
	for postgres95@postgres.berkeley.edu (postgres95@postgres.berkeley.edu)
To: postgres95@postgres.Berkeley.EDU
Date: 7 Nov 1995 16:32:05 +0100
From: barnard@forge.franken.de (Henning Schmiedehausen)
Message-ID: <47nu5l$9rn@forge.franken.de>
Organization: The Software Forge, Megabryte Division, Net Department
X-Sender: forge.postgres@forge.franken.de
References: <199511051753.MAA06632@dune.silkroad.com>, <199511052354.PAA12977@nobozo.CS.Berkeley.EDU>
Subject: Re: Security?
Resent-To: postgres95-redist
Resent-Date: Tue, 07 Nov 95 10:30:16 -0800
Resent-From: pglite
Resent-XMts: smtp

Robert_Patrick@methi.ndim.edrc.cmu.edu (Robert Patrick) writes:

>If, on the other hand, you want to hack in the security features yourself, the 
>place to start is by looking at src/backend/libpq/{auth, pqcomm, pqpacket}.c 
>and src/backend/postmaster/postmaster.c.  This is the code that manages the 
>initial "handshake" with client applications.  By changing the way this code 
>works, you could provide a "limited" amount of security from unauthorized 
>connections.

>For even greater security, you would need to change the way that the function 
>manager works so that all executable object code (i.e., functions) loaded into 
>the backend does not run in "trusted" mode.  I must warn you that this is not 
>a trivial job.

I did consider to move the msql authentication stuff (msql does an
*excellent* job with this, giving access security on database, user
and host level with wildcard support) into Postgres but didn't get
very far before I dropped it and moved on to a 'firewall' solution.

IMHO a simple access file which lists user, host and database would be
already sufficient for 90+ % of all cases. You can get remote user ids
with the identd.

Any takers? :-)

	Ciao
		Henning

-- 
Henning Schmiedehausen       ...side by side in orbit... around a fairer SUN.
barnard@forge.franken.de     http://www.franken.de/users/forge/henning

'Fuck it. Ich muss aufs Klo.' -- froh beim Ueberfahren einer roten Ampel.

===============================================================================
  To unsubscribe from the Postgres95 mailing list, send mail with the subject
  line "DEL" to "postgres95-request@postgres.Berkeley.EDU". 
============  URL: http://s2k-ftp.CS.Berkeley.EDU:8000/postgres95/  ===========
