pg_user

Started by ivan about 22 years ago, 6 messages
#1ivan
iv@psycho.pl

hi

Can we change initdb, where the view pg_user is created, to:

CREATE VIEW pg_user AS \
SELECT \
usename, \
usesysid, \
usecreatedb, \
usesuper, \
usecatupd, \
'********'::text as passwd, \
valuntil, \
useconfig \
FROM pg_shadow WHERE usename = SESSION_USER;

?

#2Jan Wieck
JanWieck@Yahoo.com
In reply to: ivan (#1)
Re: pg_user

ivan wrote:

hi

Can we change initdb, where the view pg_user is created, to:

CREATE VIEW pg_user AS \
SELECT \
usename, \
usesysid, \
usecreatedb, \
usesuper, \
usecatupd, \
'********'::text as passwd, \
valuntil, \
useconfig \
FROM pg_shadow WHERE usename = SESSION_USER;

No, at least not without a complete proposal how to retain the current
behaviour of pg_tables, pg_views, psql's \d and other places that rely
on pg_user being able to display all users.

It's the same thing with your /etc/passwd. chmod o-rwx /etc/passwd will
hide the usernames but break many utilities. If you don't want someone
to know all the logins, don't give him one.

Jan

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #
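The breakage Jan describes can be seen directly. The script below is an added example, not code from the thread or from PostgreSQL itself; it assumes a current PostgreSQL server, a superuser session, and made-up role names (alice, bob). Because pg_catalog.pg_user cannot simply be redefined from a normal session, ivan's proposal is recreated under the name restricted_pg_user and then used in place of pg_user by an owner-listing query of the kind psql's \d and the pg_tables view produce (a table name plus its owner resolved through the user view). The query text is illustrative, not a copy of psql's own.

```sql
-- Added example (not from the thread). Assumes a superuser session on a
-- current PostgreSQL; alice, bob, alice_t and bob_t are made-up names.
CREATE ROLE alice LOGIN;
CREATE ROLE bob   LOGIN;
CREATE TABLE alice_t (id int);
ALTER TABLE alice_t OWNER TO alice;
CREATE TABLE bob_t (id int);
ALTER TABLE bob_t OWNER TO bob;

-- The proposal from the thread, recreated under another name so that
-- pg_catalog stays untouched. The view is owned by the superuser, so it
-- runs with the superuser's rights and may read pg_shadow on behalf of
-- any caller; the WHERE clause is what narrows the result.
CREATE VIEW restricted_pg_user AS
  SELECT usename, usesysid, usecreatedb, usesuper,
         '********'::text AS passwd, valuntil, useconfig
  FROM pg_catalog.pg_shadow
  WHERE usename = SESSION_USER;
GRANT SELECT ON restricted_pg_user TO PUBLIC;

-- An owner listing in the style of psql's \d, resolved through the
-- unrestricted pg_user: both tables carry an owner.
SELECT c.relname, u.usename AS owner
FROM pg_catalog.pg_class c
LEFT JOIN pg_catalog.pg_user u ON u.usesysid = c.relowner
WHERE c.relname IN ('alice_t', 'bob_t')
ORDER BY c.relname;
--  relname | owner
-- ---------+-------
--  alice_t | alice
--  bob_t   | bob

-- The same listing, run as alice through the restricted view:
-- bob's table is still visible in pg_class but its owner is gone.
SET SESSION AUTHORIZATION alice;
SELECT c.relname, u.usename AS owner
FROM pg_catalog.pg_class c
LEFT JOIN restricted_pg_user u ON u.usesysid = c.relowner
WHERE c.relname IN ('alice_t', 'bob_t')
ORDER BY c.relname;
--  relname | owner
-- ---------+-------
--  alice_t | alice
--  bob_t   |

-- And the name is not actually hidden: the owner OID in pg_class is
-- readable by everyone, and pg_get_userbyid() resolves it without
-- consulting pg_user at all.
SELECT c.relname, pg_get_userbyid(c.relowner) AS owner
FROM pg_catalog.pg_class c
WHERE c.relname = 'bob_t';
--  relname | owner
-- ---------+-------
--  bob_t   | bob
RESET SESSION AUTHORIZATION;
```

With an inner join instead of the LEFT JOIN, bob_t drops out of the listing entirely, which is the "pg_tables, pg_views, psql's \d" breakage above. The last query is the caveat a practitioner should take from the thread: narrowing the view changes what one query shows, not what the catalog exposes, since pg_class still carries every owner OID and pg_get_userbyid() (and, on current servers, pg_roles) still maps it to a name.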

#3ivan
iv@psycho.pl
In reply to: Jan Wieck (#2)
Re: pg_user

You can also patch your kernel so that when you run cat /etc/passwd the system gives you only your line, without any other users, so exactly what you need.
In pgsql I think that users don't need to know about others, and also their databases. I call it security :)

On Mon, 27 Oct 2003, Jan Wieck wrote:


ivan wrote:

hi

Can we change initdb, where the view pg_user is created, to:

CREATE VIEW pg_user AS \
SELECT \
usename, \
usesysid, \
usecreatedb, \
usesuper, \
usecatupd, \
'********'::text as passwd, \
valuntil, \
useconfig \
FROM pg_shadow WHERE usename = SESSION_USER;

No, at least not without a complete proposal how to retain the current
behaviour of pg_tables, pg_views, psql's \d and other places that rely
on pg_user being able to display all users.

It's the same thing with your /etc/passwd. chmod o-rwx /etc/passwd will
hide the usernames but break many utilities. If you don't want someone
to know all the logins, don't give him one.

Jan

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #

#4scott.marlowe
scott.marlowe@ihs.com
In reply to: ivan (#3)
Re: pg_user

On Thu, 30 Oct 2003, ivan wrote:

You can also patch your kernel so that when you run cat /etc/passwd the system gives you only your line, without any other users, so exactly what you need.
In pgsql I think that users don't need to know about others, and also their databases. I call it security :)

Technically, that's just obscurity.

#5Andrew Dunstan
andrew@dunslane.net
In reply to: ivan (#3)
Re: pg_user

rfc 1925 (see http://www.faqs.org/rfcs/rfc1925.html ) states:

"With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going to
land, and it could be dangerous sitting under them as they fly overhead."

You can call it security if you like, but I call it trying to make a pig
fly.

If you don't want your users to know about each other then put them on
different clusters. Or if they need access to the same data then mediate
access via a middle layer at the server end instead of allowing direct
access to the database(s) - three layer models are very common for this
and other reasons.

cheers

andrew

ivan wrote:


You can also patch your kernel so that when you run cat /etc/passwd the system gives you only your line, without any other users, so exactly what you need.
In pgsql I think that users don't need to know about others, and also their databases. I call it security :)

On Mon, 27 Oct 2003, Jan Wieck wrote:

ivan wrote:

hi

Can we change initdb, where the view pg_user is created, to:

CREATE VIEW pg_user AS \
SELECT \
usename, \
usesysid, \
usecreatedb, \
usesuper, \
usecatupd, \
'********'::text as passwd, \
valuntil, \
useconfig \
FROM pg_shadow WHERE usename = SESSION_USER;

No, at least not without a complete proposal how to retain the current
behaviour of pg_tables, pg_views, psql's \d and other places that rely
on pg_user being able to display all users.

It's the same thing with your /etc/passwd. chmod o-rwx /etc/passwd will
hide the usernames but break many utilities. If you don't want someone
to know all the logins, don't give him one.

Jan

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #


#6Jan Wieck
JanWieck@Yahoo.com
In reply to: ivan (#3)
Re: pg_user

ivan wrote:

You can also patch your kernel so that when you run cat /etc/passwd the system gives you only your line, without any other users, so exactly what you need.
In pgsql I think that users don't need to know about others, and also their databases. I call it security :)

No, it's not security, it is obscurity. The point is that this
modification is not backward compatible and the only scenario I can
imagine where it would be good to have this is for a hosting provider
who wants to cram multiple hosted databases under one postmaster.

I am not per se against such a change. It never struck me as a good idea
in general that we only have the one, shared pg_shadow catalog and all
databases share all users. So I think what I am trying to say is ... back to
the drawing board, because your initial solution is not acceptable.

Jan

On Mon, 27 Oct 2003, Jan Wieck wrote:

ivan wrote:

hi

Can we change initdb, where the view pg_user is created, to:

CREATE VIEW pg_user AS \
SELECT \
usename, \
usesysid, \
usecreatedb, \
usesuper, \
usecatupd, \
'********'::text as passwd, \
valuntil, \
useconfig \
FROM pg_shadow WHERE usename = SESSION_USER;

No, at least not without a complete proposal how to retain the current
behaviour of pg_tables, pg_views, psql's \d and other places that rely
on pg_user being able to display all users.

It's the same thing with your /etc/passwd. chmod o-rwx /etc/passwd will
hide the usernames but break many utilities. If you don't want someone
to know all the logins, don't give him one.

Jan

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #