Re: Logging of matching pg_hba.conf entry during auth skips trust auth, potential security issue

Stephen Frost <sfrost@snowman.net>

From: Stephen Frost <sfrost@snowman.net>
To: Jacob Champion <jchampion@timescale.com>
Cc: Shaun Thomas <shaun.thomas@enterprisedb.com>, Michael Paquier <michael@paquier.xyz>, pgsql-hackers@postgresql.org
Date: 2023-08-17T16:01:26Z
Lists: pgsql-hackers
Greetings,

* Jacob Champion (jchampion@timescale.com) wrote:
> Maybe something like the attached?

> - I used the phrasing "connection not authenticated" in the hopes that
> it's a bit more greppable than just "connection", especially in
> combination with the existing "connection authenticated" lines.

That doesn't seem quite right ... admittedly, 'trust' isn't performing
authentication but there can certainly be an argument made that the
basic 'matched a line in pg_hba.conf' is a form of authentication, and
worse really, saying 'not authenticated' would seem to imply that we
didn't allow the connection when, really, we did, and that could be
confusing to someone.

Maybe 'connection allowed' instead..?

Thanks,

Stephen

Commits

  1. Generate new LOG for "trust" connections under log_connections

  2. Add some information about authenticated identity via log_connections