Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue
Jacob Champion <jchampion@timescale.com>
From: Jacob Champion <jchampion@timescale.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: Stephen Frost <sfrost@snowman.net>, Robert Haas <robertmhaas@gmail.com>, Shaun Thomas <shaun.thomas@enterprisedb.com>, pgsql-hackers@postgresql.org
Date: 2023-08-21T23:44:33Z
Lists: pgsql-hackers
On Mon, Aug 21, 2023 at 4:22 PM Michael Paquier <michael@paquier.xyz> wrote: > There are additionally two more comments in the SSL tests that could > be removed, I guess. Here's a v4, with Robert's latest suggestion > added. LGTM. > I am not sure that we need to change this historic term, TBH. Perhaps > it would be shorter to just rip off the trust method from the tree > with a deprecation period but that's not something I'm much in favor > off either (I use it daily for my own stuff, as one example). > Another, more conservative approach may be to make it a developer-only > option and discourage more its use in the docs. I don't think we should get rid of anonymous connections; there are ways to securely authorize a client connection without ever authenticating the entity at the other end. I'd just like the server to call them what they are, because I think the distinction is valuable for DBAs who are closely watching their systems. --Jacob
Commits
-
Generate new LOG for "trust" connections under log_connections
- e48b19c5db31 17.0 landed
-
Add some information about authenticated identity via log_connections
- 9afffcb833d3 14.0 cited