Search Postgresql Archives

Re: Disable executing external commands from psql?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

OK one more question on this thread. It occurs to me that for the web app, DB username and password is read from a configuration file. (I understand this to be a common method for web applications.) But since apache needs to read the file, then all users can read each others' passwords. Arrghh. I'm just wondering how web hosters typically deal with this issue (or is your info for, say, Wordpress exposed to other users if they know where to look for it?) Sorry if this is too off-topic... 

Ken

I'll look at

On 06/01/2010 05:30 PM, Tom Lane wrote:

Ken Tanzer<ken.tanzer@xxxxxxxxx>  writes:

The better way to go about that is to not let them have an account on
the server machine in the first place.

Somehow, exposing my database ports to the internet scares me more than
any (possibly crazy) stuff I'm trying to do.  :)

If you're exposing the ability to run psql, what makes you think you're
not effectively exposing the database?


But seriously I think I need to give them accounts--I'm setting up
online instances of a web app, so they have a set of (editable) PHP
files, possibly some storage, a log file, etc.  It seemed that setting
each up as its own user was better than going through some uber-process
that had access to all the files.

How are you going to let them edit the PHP files, or read the log file,
if all they can get to is psql?


Just to be clear, cause I'm a little thick sometimes, it is not possible
to do this?

You could always build your own lobotomized version of psql.  I think
though that (a) this is not likely to close all the holes and (b) the
whole concept needs rethinking anyway.  psql is *meant* to be executed
on the client side.  You're trying to put the firewall in the wrong
place, and what you're mainly going to accomplish is annoy your users.
You will for example be making it awfully difficult for them to use
\copy, \i, \e, \g, the list goes on.

			regards, tom lane



--
-------------------------------------------------------
AGENCY Software
For nonprofits that want to take control of their data

Use it.  Like it.  Share it.  Build it.  Buy it.
http://agency-software.org
-------------------------------------------------------


--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux