Re: [GENERAL] prevent connection using pgpass.conf

2010-04-13 Thread John R Pierce

Alban Hertroys wrote:
>> afaik, the .pgpass file is something the user creates with his text editor.
>> If it was encrypted or hashed, there would need to be a client side utility to
>> create it.
>
> Yes of course, something like ssh-keygen(1) for example.

well, more like smbpasswd, I'd think.


--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general


Re: [GENERAL] prevent connection using pgpass.conf

2010-04-13 Thread Alban Hertroys
On 13 Apr 2010, at 2:36, John R Pierce wrote:

> Alban Hertroys wrote:
>> Storing those passwords encrypted on the client side seems the proper way to 
>> deal with this issue. IMHO, time working on that is better spent than time 
>> trying to prevent .pgpass files from working.
> 
> afaik, the .pgpass file is something the user creates with his text editor.
> If it was encrypted or hashed, there would need to be a client side utility
> to create it.


Yes of course, something like ssh-keygen(1) for example.

Alban Hertroys

--
If you can't see the forest for the trees,
cut the trees and you'll see there is no forest.




Re: [GENERAL] prevent connection using pgpass.conf

2010-04-12 Thread John R Pierce

Alban Hertroys wrote:
> I have to say I was a bit surprised to find that .pgpass files store those
> passwords as plain text though. Some method like ssh uses with public and
> private keys would be an improvement IMO. Especially since we can choose to use
> password encryption over the wire.
>
> Storing those passwords encrypted on the client side seems the proper way to
> deal with this issue. IMHO, time working on that is better spent than time
> trying to prevent .pgpass files from working.

afaik, the .pgpass file is something the user creates with his text
editor. If it was encrypted or hashed, there would need to be a
client side utility to create it.






Re: [GENERAL] prevent connection using pgpass.conf

2010-04-12 Thread Bruce Momjian
Magnus Hagander wrote:
> 2010/4/1 Christophe Dore :
> >
> > - is there any configuration that can be done on server side to prevent
> > the client side to use such file to read passwords ?
> 
> No. It happens before the user has logged in, obviously.
> 
> 
> > - are there any options that can be set in postgres libpq C library to
> > prevent the connection functions to search for password in files ?
> 
> No, but you could possibly set the PGPASSFILE environment variable to
> a place where you *know* there won't be a pgpass file, if you can
> determine such a place.

/dev/null?

-- 
  Bruce Momjian  http://momjian.us
  EnterpriseDB http://enterprisedb.com



Re: [GENERAL] prevent connection using pgpass.conf

2010-04-01 Thread Alban Hertroys
On 1 Apr 2010, at 11:21, Christophe Dore wrote:

> Thanks for answering
> 
> Yes, you are right. This is a client-side file. However, our concern is
> that we have to consider this practice as a security issue. We'd like to
> ban this practice for our product which is, thus, wrapping the PostgreSQL
> engine. Thus my questions
>
> - is there any configuration that can be done on server side to prevent
> the client side to use such file to read passwords ?
> - are there any options that can be set in postgres libpq C library to
> prevent the connection functions to search for password in files ?


Nothing prevents a user from creating such files, regardless of whether the server
accepts the information in them or not. I get the impression you want to prevent
passwords being stored in files on user systems - probably thinking that if
such a file were 'stolen' then someone could access your database and possibly
modify things.

Although this is basically true, there is no way you can prevent users from 
storing passwords on their computers. If they're not put in .pgpass files there 
will be users who store them unencrypted in text files conveniently named 
'passwords' in their home directories. They'll probably do that anyway.

From the server side there's nothing you can do about that, so not accepting
data from .pgpass files will hardly help you.

I have to say I was a bit surprised to find that .pgpass files store those 
passwords as plain text though. Some method like ssh uses with public and 
private keys would be an improvement IMO. Especially since we can choose to use 
password encryption over the wire.

Storing those passwords encrypted on the client side seems the proper way to 
deal with this issue. IMHO, time working on that is better spent than time 
trying to prevent .pgpass files from working.

Alban Hertroys

--
If you can't see the forest for the trees,
cut the trees and you'll see there is no forest.




Re: [GENERAL] prevent connection using pgpass.conf

2010-04-01 Thread Magnus Hagander
2010/4/1 Christophe Dore :
>
> - is there any configuration that can be done on server side to prevent
> the client side to use such file to read passwords ?

No. It happens before the user has logged in, obviously.


> - are there any options that can be set in postgres libpq C library to
> prevent the connection functions to search for password in files ?

No, but you could possibly set the PGPASSFILE environment variable to
a place where you *know* there won't be a pgpass file, if you can
determine such a place.

-- 
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/



Re: [GENERAL] prevent connection using pgpass.conf

2010-04-01 Thread John R Pierce

Christophe Dore wrote:
> Thanks for answering
>
> Yes, you are right. This is a client-side file. However, our concern is
> that we have to consider this practice as a security issue. We'd like to
> ban this practice for our product which is, thus, wrapping the PostgreSQL
> engine. Thus my questions
>
> - is there any configuration that can be done on server side to prevent
> the client side to use such file to read passwords ?
> - are there any options that can be set in postgres libpq C library to
> prevent the connection functions to search for password in files ?

Where do you want the client apps to get the passwords from? Hard
coded? An application-read .inf file?






Re: [GENERAL] prevent connection using pgpass.conf

2010-04-01 Thread Guillaume Lelarge
On 01/04/2010 11:21, Christophe Dore wrote:
> Thanks for answering
>
> Yes, you are right. This is a client-side file. However, our concern is
> that we have to consider this practice as a security issue. We'd like to
> ban this practice for our product which is, thus, wrapping the PostgreSQL
> engine. Thus my questions
>
> - is there any configuration that can be done on server side to prevent
> the client side to use such file to read passwords ?

No.

> - are there any options that can be set in postgres libpq C library to
> prevent the connection functions to search for password in files ?

Well, you need to change the source code and recompile libpq. But if
your user is "smart" enough to install the "right" libpq, they will be
able to use the pgpass file.


-- 
Guillaume.
 http://www.postgresqlfr.org
 http://dalibo.com



Re: [GENERAL] prevent connection using pgpass.conf

2010-04-01 Thread Christophe Dore
Thanks for answering

Yes, you are right. This is a client-side file. However, our concern is
that we have to consider this practice as a security issue. We'd like to
ban this practice for our product which is, thus, wrapping the PostgreSQL
engine. Thus my questions

- is there any configuration that can be done on server side to prevent
the client side to use such file to read passwords ?
- are there any options that can be set in postgres libpq C library to
prevent the connection functions to search for password in files ?

Thanks

--


-Original Message-
From: Raymond O'Donnell [mailto:r...@iol.ie] 
Sent: Wednesday 31 March 2010 19:00
To: Christophe Dore
Cc: pgsql-general@postgresql.org
Subject: Re: [GENERAL] prevent connection using pgpass.conf

On 31/03/2010 16:32, Christophe Dore wrote:
> Hi
> 
> We are building a solution using some dedicated postgresql servers (and
> dedicated C++ and Java apps). For security reasons, we'd like to prevent
> users to connect (from our apps at least) to those servers with
> passwords stored in files such as pgpass.conf.

Unless I'm mistaken, my understanding is that pgpass files are stored on
client machines, not the server, so if the clients are connecting from
different machines this shouldn't be a problem in the first place.

Ray.

-- 
Raymond O'Donnell :: Galway :: Ireland
r...@iol.ie



Re: [GENERAL] prevent connection using pgpass.conf

2010-03-31 Thread Raymond O'Donnell
On 31/03/2010 16:32, Christophe Dore wrote:
> Hi
> 
> We are building a solution using some dedicated postgresql servers (and
> dedicated C++ and Java apps). For security reasons, we'd like to prevent
> users to connect (from our apps at least) to those servers with
> passwords stored in files such as pgpass.conf.

Unless I'm mistaken, my understanding is that pgpass files are stored on
client machines, not the server, so if the clients are connecting from
different machines this shouldn't be a problem in the first place.

Ray.

-- 
Raymond O'Donnell :: Galway :: Ireland
r...@iol.ie



Re: [GENERAL] prevent connection using pgpass.conf

2010-03-31 Thread Joshua D. Drake
On Wed, 2010-03-31 at 17:32 +0200, Christophe Dore wrote:
> Hi
> 
> We are building a solution using some dedicated postgresql servers (and
> dedicated C++ and Java apps). For security reasons, we'd like to prevent
> users to connect (from our apps at least) to those servers with
> passwords stored in files such as pgpass.conf.
>
> Is there any configuration that can be done, on the server side, or in
> the C++ and/or java application side, so to prevent such thing ?
> 

Don't let your users log in to the Windows machine as users that have
access to those files.

Joshua D. Drake


-- 
PostgreSQL.org Major Contributor
Command Prompt, Inc: http://www.commandprompt.com/ - 503.667.4564
Consulting, Training, Support, Custom Development, Engineering
Respect is earned, not gained through arbitrary and repetitive use of Mr. or Sir.




[GENERAL] prevent connection using pgpass.conf

2010-03-31 Thread Christophe Dore
Hi

We are building a solution using some dedicated postgresql servers (and
dedicated C++ and Java apps). For security reasons, we'd like to prevent
users to connect (from our apps at least) to those servers with
passwords stored in files such as pgpass.conf.


Is there any configuration that can be done, on the server side, or in
the C++ and/or java application side, so to prevent such thing ?

Thanks in advance.

--

cd
