Re: SYSTEM_USER reserved word implementation

Drouvot, Bertrand <bdrouvot@amazon.com>

From: "Drouvot, Bertrand" <bdrouvot@amazon.com>
To: Jacob Champion <jchampion@timescale.com>, Joe Conway <mail@joeconway.com>, Tom Lane <tgl@sss.pgh.pa.us>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2022-06-24T12:47:50Z
Lists: pgsql-hackers
On 6/24/22 11:49 AM, Drouvot, Bertrand wrote:
> Hi,
>
> On 6/23/22 10:06 AM, Drouvot, Bertrand wrote:
>> Hi,
>>
>> On 6/22/22 5:35 PM, Jacob Champion wrote:
>>> On Wed, Jun 22, 2022 at 8:10 AM Joe Conway <mail@joeconway.com> wrote:
>>>> On the contrary, I would argue that not having the identifier for the
>>>> external "user" available is a security concern. Ideally you want 
>>>> to be
>>>> able to trace actions inside Postgres to the actual user that 
>>>> invoked them.
>>> If auditing is also the use case for SYSTEM_USER, you'll probably want
>>> to review the arguments for making it available to parallel workers
>>> that were made in the other thread [1].
>>
>> Thanks Jacob for your feedback.
>>
>> I did some testing initially around the parallel workers and did not 
>> see any issues at that time.
>>
>> I just had another look and I agree that the parallel workers case 
>> needs to be addressed.
>>
>> I'll have a closer look to what you have done in [1].
>>
>> Thanks
>>
>> Bertrand
>>
> Please find attached patch version 2.
>
> It does contain:
>
> - Tom's idea implementation (aka presenting the system_user as 
> auth_method:authn_id)
>
> - A fix for the parallel workers issue mentioned by Jacob. The patch 
> now propagates the SYSTEM_USER to the parallel workers.
>
> - Doc updates
>
> - Tap tests (some of them are coming from [1])
>
> Looking forward to your feedback,
>
> Thanks
>
> Bertrand

FWIW here is a link to the commitfest entry: 
https://commitfest.postgresql.org/38/3703/

Bertrand






Commits

  1. Introduce SYSTEM_USER

  2. Add some information about authenticated identity via log_connections