Re: [HACKERS] What goes into the security doc?
Robert Treat wrote: I'm not sure how adequately these topics are covered elsewhere, but you should probably provide at least a pointer if not improved information: * Should have a mention of the pgcrypto code in contrib. * Brain hiccup, but isn't there some type of password datatype It is in /contrib as chkpass: Chkpass is a password type that is automatically checked and converted upon entry. It is stored encrypted. To compare, simply compare agains a clear text password and the comparison function will encrypt it before comparing. It also returns an error if the code determines that the password is easily crackable. This is currently a stub that does nothing. I haven't worried about making this type indexable. I doubt that anyone would ever need to sort a file in order of encrypted password. If you precede the string with a colon, the encryption and checking are skipped so that you can enter existing passwords into the field. On output, a colon is prepended. This makes it possible to dump and reload passwords without re-encrypting them. If you want the password (encrypted) without the colon then use the raw() function. This allows you to use the type with things like Apache's Auth_PostgreSQL module. D'Arcy J.M. Cain [EMAIL PROTECTED] The document is a good idea, and the initdb -W item is good too! -- Bruce Momjian| http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup.| Newtown Square, Pennsylvania 19073 ---(end of broadcast)--- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
Re: [HACKERS] What goes into the security doc?
On 22 Jan 2003 at 13:29, Christopher Kings-Lynne wrote: Recommend always running initdb -W and setting all pg_hba entries to md5. Thanks. I also encountered this item on IRC: [09:26] fede2 Guys, is there a problem with using /bin/true of /bin/false as the shell of the postgres user? The docs only says adduser postgres , witch will give postgres a nice shell. [09:27] fede2 I'm asking because the guys from Gentoo (thats a distro FWIW), want to use either /bin/false of /bin/true as postgres' shell. [09:27] dvl fede2: it means you won't be able to become the postgres user to run commands. [09:27] mmc_ ... to run SHELL commands. [09:29] fede2 dvl: Aldo it's not the same, one could use su -c foo postgres to workarround it. [09:30] fede2 dvl: I was wondering if it had an even heavier reason, besides that. [09:34] mmc_ fede2: tha manpage of su says, that -c args is treated by the login shell ! [09:35] fede2 mmc_: Hmm.. true. That makes it a heavy enough reason. Thanks. [09:35] * fede2 departs -- Dan Langille : http://www.langille.org/ ---(end of broadcast)--- TIP 6: Have you searched our list archives? http://archives.postgresql.org
Re: [HACKERS] What goes into the security doc?
man su says (on Linux): -s, --shell=SHELL run SHELL if /etc/shells allows it Illustration: [adunsta:adunsta]$ su -s /bin/tcsh - -c 'ps -f $$' Password: UIDPID PPID C STIME TTY STAT TIME CMD root 10682 10681 0 10:34 pts/0S 0:00 -tcsh -c ps -f $$ [adunsta:adunsta]$ So setting /bin/true as the login shell prevents real logins but doesn't prevent running commands as the user via su, even from a login shell. andrew - Original Message - From: Dan Langille [EMAIL PROTECTED] To: Christopher Kings-Lynne [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, January 24, 2003 10:00 AM Subject: Re: [HACKERS] What goes into the security doc? On 22 Jan 2003 at 13:29, Christopher Kings-Lynne wrote: Recommend always running initdb -W and setting all pg_hba entries to md5. Thanks. I also encountered this item on IRC: [09:26] fede2 Guys, is there a problem with using /bin/true of /bin/false as the shell of the postgres user? The docs only says adduser postgres , witch will give postgres a nice shell. [09:27] fede2 I'm asking because the guys from Gentoo (thats a distro FWIW), want to use either /bin/false of /bin/true as postgres' shell. [09:27] dvl fede2: it means you won't be able to become the postgres user to run commands. [09:27] mmc_ ... to run SHELL commands. [09:29] fede2 dvl: Aldo it's not the same, one could use su -c foo postgres to workarround it. [09:30] fede2 dvl: I was wondering if it had an even heavier reason, besides that. [09:34] mmc_ fede2: tha manpage of su says, that -c args is treated by the login shell ! [09:35] fede2 mmc_: Hmm.. true. That makes it a heavy enough reason. Thanks. [09:35] * fede2 departs -- Dan Langille : http://www.langille.org/ ---(end of broadcast)--- TIP 6: Have you searched our list archives? http://archives.postgresql.org ---(end of broadcast)--- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [HACKERS] What goes into the security doc?
I'm not sure how adequately these topics are covered elsewhere, but you should probably provide at least a pointer if not improved information: * Should have a mention of the pgcrypto code in contrib. * Brain hiccup, but isn't there some type of password datatype * Explanation of problems/solutions of using md5 passwords inside postgresql. this has tripped up a lot of people upgrading to 7.3 * possibly go into server resource issues and the pitfalls in giving free form sql access to just anyone. (Think unconstrained join on all tables in a database) hth, Robert Treat On Mon, 2003-01-20 at 00:01, Dan Langille wrote: With reference to my post to the PostgreSQL Password Cracker on 2003-01-02, I've promised to write a security document for the project. Here it is, Sunday night, and I can't sleep. What better way to get there than start this task... My plan is to write this in very simple HTML. I will post the draft document on my website and post the URL here from time to time for feedback. Please make suggestions for content. So far, I will cover these items: - .pgpass (see http://developer.postgresql.org/docs/postgres/libpq-files.html) - local connections - remote connections (recommending SSL) - pg_hba (only in passing, most of that is at http://www.postgresql.org/idocs/index.php?client-authentication.html) - running the postmaster as a specific user That doesn't sound like much. Surely you can think of something else to add. Should I post this to another list for their views? OK, that's done it. I'm ready for sleep now. ---(end of broadcast)--- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html
Re: [HACKERS] What goes into the security doc?
Recommend always running initdb -W and setting all pg_hba entries to md5. Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Robert Treat Sent: Tuesday, 21 January 2003 11:17 PM To: Dan Langille Cc: [EMAIL PROTECTED] Subject: Re: [HACKERS] What goes into the security doc? I'm not sure how adequately these topics are covered elsewhere, but you should probably provide at least a pointer if not improved information: * Should have a mention of the pgcrypto code in contrib. * Brain hiccup, but isn't there some type of password datatype * Explanation of problems/solutions of using md5 passwords inside postgresql. this has tripped up a lot of people upgrading to 7.3 * possibly go into server resource issues and the pitfalls in giving free form sql access to just anyone. (Think unconstrained join on all tables in a database) hth, Robert Treat On Mon, 2003-01-20 at 00:01, Dan Langille wrote: With reference to my post to the PostgreSQL Password Cracker on 2003-01-02, I've promised to write a security document for the project. Here it is, Sunday night, and I can't sleep. What better way to get there than start this task... My plan is to write this in very simple HTML. I will post the draft document on my website and post the URL here from time to time for feedback. Please make suggestions for content. So far, I will cover these items: - .pgpass (see http://developer.postgresql.org/docs/postgres/libpq-files.html) - local connections - remote connections (recommending SSL) - pg_hba (only in passing, most of that is at http://www.postgresql.org/idocs/index.php?client-authentication.html) - running the postmaster as a specific user That doesn't sound like much. Surely you can think of something else to add. Should I post this to another list for their views? OK, that's done it. I'm ready for sleep now. ---(end of broadcast)--- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html ---(end of broadcast)--- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
[HACKERS] What goes into the security doc?
With reference to my post to the PostgreSQL Password Cracker on 2003-01-02, I've promised to write a security document for the project. Here it is, Sunday night, and I can't sleep. What better way to get there than start this task... My plan is to write this in very simple HTML. I will post the draft document on my website and post the URL here from time to time for feedback. Please make suggestions for content. So far, I will cover these items: - .pgpass (see http://developer.postgresql.org/docs/postgres/libpq-files.html) - local connections - remote connections (recommending SSL) - pg_hba (only in passing, most of that is at http://www.postgresql.org/idocs/index.php?client-authentication.html) - running the postmaster as a specific user That doesn't sound like much. Surely you can think of something else to add. Should I post this to another list for their views? OK, that's done it. I'm ready for sleep now. ---(end of broadcast)--- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html
