Re: pg_ident.hba on a single-user, multi-app machine

On 08/16/2014 07:47 AM, Matt Silverlock wrote:
Hi all.

Trying to rationalise my pg_hba.conf and pg_ident.conf configuration on
a Debian/Ubuntu machine where:

* One primary application user (“deploy”) runs web applications
* postgres, nginx, et al. run under their own users
* Using a Unix socket for connecting to PostgreSQL on the same machine
(if I split the machines up at some point in the future, I’ll just run
TCP + SSL w/ strict IP filtering)

At the moment I’m using the following approach, where each database user
(unique per application) only has permissions for its own database.
Users are mapped to the “deploy” user so that peer authentication can work.


What are the outstanding risks here? The only ‘likely’ scenario (short
of the box itself being compromised) is if the app is compromised/flawed
(i.e. some uncaught SQLi vuln in a lib) then it can drop its own tables,
but not the tables of any other application running under the same OS user.

(Heck, can you even have multiple applications talking to the same Unix
socket?)

Yes. Here is a good description of how:

http://stackoverflow.com/questions/9644251/how-do-unix-domain-sockets-differentiate-between-multiple-clients


Thanks in advance.


--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx


--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
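The setup described in the thread (peer authentication over the Unix socket, with a pg_ident.conf map that lets the single OS user "deploy" connect as several per-application database roles) can be checked offline with a small model of how PostgreSQL evaluates the two files. The following is an added example, not code from the thread or from PostgreSQL itself; the pg_hba.conf and pg_ident.conf contents are constructed, and the parser deliberately handles only the subset of syntax used here (`local` rules, plain non-regex map entries, no `+role` groups).

```python
"""
Simplified model of PostgreSQL peer authentication with a pg_ident.conf map.
Added illustration for the thread's configuration; not PostgreSQL's own code.
Only 'local' (Unix-socket) rules and plain (non-regex) ident map lines are
modelled, which is all the thread's scenario needs.
"""

# Constructed sample files (assumption: OS user "deploy" runs two apps that
# connect as the distinct roles app1 and app2, each owning its own database).
PG_HBA = """
# TYPE  DATABASE   USER      ADDRESS   METHOD   [OPTIONS]
local   all        postgres            peer
local   app1_db    app1                peer     map=deploymap
local   app2_db    app2                peer     map=deploymap
"""

PG_IDENT = """
# MAPNAME    SYSTEM-USERNAME   PG-USERNAME
deploymap    deploy            app1
deploymap    deploy            app2
"""


def _strip(line):
    """Drop comments and surrounding whitespace from one config line."""
    return line.split("#", 1)[0].strip()


def parse_hba(text):
    """Return 'local' rules in file order; other connection types are skipped."""
    rules = []
    for raw in text.splitlines():
        fields = _strip(raw).split()
        if len(fields) < 4 or fields[0] != "local":
            continue
        _, database, user, method, *opts = fields
        options = dict(o.split("=", 1) for o in opts if "=" in o)
        rules.append({"database": database, "user": user,
                      "method": method, "options": options})
    return rules


def parse_ident(text):
    """Return {mapname: {(system_user, pg_user), ...}}; regex entries skipped."""
    maps = {}
    for raw in text.splitlines():
        fields = _strip(raw).split()
        if len(fields) != 3 or fields[1].startswith("/"):
            continue
        mapname, sysuser, pguser = fields
        maps.setdefault(mapname, set()).add((sysuser, pguser))
    return maps


def _db_matches(field, database, db_user):
    if field == "all":
        return True
    if field == "sameuser":
        return database == db_user
    return database in field.split(",")


def _user_matches(field, db_user):
    return field == "all" or db_user in field.split(",")


def peer_allows(os_user, db_user, database, rules, maps):
    """True if the FIRST matching pg_hba rule is 'peer' and the peer check passes.

    As in PostgreSQL, the first rule whose database and user fields match is
    decisive: if its method fails there is no fall-through to later rules.
    """
    for rule in rules:
        if not _db_matches(rule["database"], database, db_user):
            continue
        if not _user_matches(rule["user"], db_user):
            continue
        if rule["method"] != "peer":
            return False
        mapname = rule["options"].get("map")
        if mapname is None:
            return os_user == db_user  # no map: OS user must equal the role
        return (os_user, db_user) in maps.get(mapname, set())
    return False  # no rule matched: connection rejected


def reachable(os_user, rules, maps):
    """List (db_user, database) pairs an OS user can reach via the socket.

    Only concrete database names in the rules are enumerated; wildcard
    fields such as 'all' are skipped in this simplified check.
    """
    candidates = {os_user} | {pg for pairs in maps.values() for _, pg in pairs}
    found = set()
    for rule in rules:
        for db in rule["database"].split(","):
            if db in ("all", "sameuser", "samerole", "replication"):
                continue
            for user in candidates:
                if peer_allows(os_user, user, db, rules, maps):
                    found.add((user, db))
    return sorted(found)


RULES = parse_hba(PG_HBA)
MAPS = parse_ident(PG_IDENT)

if __name__ == "__main__":
    for os_user in ("deploy", "postgres", "www-data"):
        print(os_user, "->", reachable(os_user, RULES, MAPS))
```

Running it shows "deploy" reaching only `app1@app1_db` and `app2@app2_db`, "postgres" reaching its own role, and an unrelated user such as "www-data" reaching nothing, which is the isolation the question describes. The caveat the model also makes visible: peer authentication identifies the OS user, not the application, and the map grants "deploy" both roles. The per-database split therefore holds against SQL injection through an application's existing connection (the role stays app1), but not against code running as "deploy", which can open a socket connection as app2 just as legitimately.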



