On Tue, Jul 7, 2015 at 12:57:58PM -0400, Tom Lane wrote:
> Andres Freund <[email protected]> writes:
> > On 2015-07-07 12:03:36 -0400, Peter Eisentraut wrote:
> >> I think the DN is analogous to the remote user name, which we don't
> >> expose for any of the other authentication methods.
>
> > Huh?
>
> Peter's exactly right: there is no other case where you can tell what
> some other connection's actual OS username is. You might *guess* that
> it's the same as their database username, but you don't know that,
> assuming you don't know how they authenticated.
>
> I'm not sure how security-critical this info really is, though.

I know I am coming in late here, but I know Heroku uses random user
names to allow a cluster to have per-user databases without showing
external user name details:

=> \du
                                 List of roles
   Role name    |                   Attributes                   | Member of
----------------+------------------------------------------------+-----------
 aafgrwewediiqz | 20 connections                                 | {}
 aaszwkfnholarh | 20 connections                                 | {}
 aatbelxbaeriwy | 20 connections                                 | {}
 aaxiwolkcxmbxo | 20 connections                                 | {}
 abbyljzgqaonjb | 20 connections                                 | {}

I can see them having problems with a user being able to see the SSL
remote user names of all connected users.

--
Bruce Momjian <[email protected]> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +