Search Postgresql Archives

Re: On "multi-master"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Andrew Sullivan wrote:

On Fri, Oct 14, 2005 at 10:20:41AM -0500, Scott Marlowe wrote:
USers accessing machines behind the scenes is a VERY bad idea.  It's not
a pgpool bug, is a user bug.  :)

The problem with this glib answer is that we are talking about
systems where such a "user bug" can cost people millions of dollars. They want the _machine_ to prevent the user bug. That's what they
think they're buying, and my understanding is that some of the other
systems provide greater protection.
Out of curiosity, what is wrong with requiring client SSL certs to access the system and only issuing them to the PGPool system (or using a different CA if you need to issue client certs to the end users)? This doesn't eliminate the problem, but it does mean that you have to take the gun out of its sheath, take the safety off, and carefully aim it at your foot before you can get bit by this user bug.... In other words, it should eliminate inadvertant circumvention of the protections in place (though deliberate circumvention is always an issue when both sides are open source and the DBA has access to all systems-- after all, the DBA could rewrite the pg_hba to allow connecting from another host, and then issue the change, but then this isn't really the same objection, is it).

Best Wishes,
Chris Travers
Metatron Technology Consulting

---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?

              http://www.postgresql.org/docs/faq

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux