From: Tom Lane on 7 Apr 2010 10:46

Simon Riggs <simon(a)2ndQuadrant.com> writes:
> When there is a specific reject rule, why does the server say
> FATAL: no pg_hba.conf entry

It's intentional. We try to expose the minimum amount of knowledge about the contents of pg_hba.conf to potential attackers.

regards, tom lane

--
Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org)
To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
From: Jaime Casanova on 7 Apr 2010 11:41

On Wed, Apr 7, 2010 at 10:46 AM, Tom Lane <tgl(a)sss.pgh.pa.us> wrote:
> Simon Riggs <simon(a)2ndQuadrant.com> writes:
>> When there is a specific reject rule, why does the server say
>> FATAL: no pg_hba.conf entry
>
> It's intentional. We try to expose the minimum amount of knowledge
> about the contents of pg_hba.conf to potential attackers.
>

I just tried it in CVS and in 8.4, and when I put a reject rule on pg_hba.conf what I get is:

psql: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "mic", database "mic"

So we are giving a lot of info already. Changing "no pg_hba.conf entry" for "connection rejected" doesn't seem like a lot more, and the change could be useful for a DBA understanding what happens.

--
Atentamente,
Jaime Casanova
Soporte y capacitación de PostgreSQL
Asesoría y desarrollo de sistemas
Guayaquil - Ecuador
Cel. +59387171157
From: Tom Lane on 7 Apr 2010 11:43

Jaime Casanova <jcasanov(a)systemguards.com.ec> writes:
> On Wed, Apr 7, 2010 at 10:46 AM, Tom Lane <tgl(a)sss.pgh.pa.us> wrote:
>> It's intentional. We try to expose the minimum amount of knowledge
>> about the contents of pg_hba.conf to potential attackers.

> i just tried it in CVS and in 8.4 and when i put a reject rule on
> pg_hba.conf what i get is:
> psql: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "mic",
> database "mic"
> so we are giving a lot of info already

All three of those data values are known to the client; they don't add knowledge about what is in pg_hba.conf.

regards, tom lane
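The behaviour Jaime reproduced and Tom's reply about it, as an added example that is not part of the thread and not PostgreSQL's code: a minimal model of pg_hba.conf first-match evaluation in Python. It shows that a line whose method is reject and the absence of any matching line both end in the same FATAL message, and that the message is built only from values the client itself sent (host, user, database), so it cannot be used to tell the two cases apart. The config text and the connection attempts are constructed for this example; real pg_hba.conf supports more connection types, address forms and options than this parser handles.

```python
# Added example (not PostgreSQL's code): a toy model of pg_hba.conf
# first-match evaluation. The HBA text and connection attempts below are
# constructed for this example.
from __future__ import annotations

import ipaddress
from dataclasses import dataclass

HBA_CONF = """
# TYPE  DATABASE  USER  ADDRESS        METHOD
host    all       all   10.0.0.0/8     reject
host    mic       mic   127.0.0.1/32   md5
local   all       all                  trust
"""


@dataclass
class HbaLine:
    conn_type: str                                               # "host" or "local"
    database: str                                                # name or "all"
    user: str                                                    # name or "all"
    address: ipaddress.IPv4Network | ipaddress.IPv6Network | None  # None for "local"
    method: str                                                  # e.g. md5, trust, reject


def parse_hba(text: str) -> list[HbaLine]:
    """Parse the subset of pg_hba.conf used above: 'local' and 'host' lines only."""
    lines = []
    for raw in text.splitlines():
        raw = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not raw:
            continue
        fields = raw.split()
        if fields[0] == "local":
            ctype, db, user, method = fields[:4]
            addr = None
        else:
            ctype, db, user, addr_s, method = fields[:5]
            addr = ipaddress.ip_network(addr_s, strict=False)
        lines.append(HbaLine(ctype, db, user, addr, method))
    return lines


def _field_matches(pattern: str, value: str) -> bool:
    return pattern == "all" or pattern == value


def first_match(lines: list[HbaLine], conn_type: str, host: str,
                user: str, database: str) -> HbaLine | None:
    """Return the first line matching the connection, as pg_hba.conf is evaluated."""
    for ln in lines:
        if ln.conn_type != conn_type:
            continue
        if not _field_matches(ln.database, database) or not _field_matches(ln.user, user):
            continue
        if conn_type == "host" and ipaddress.ip_address(host) not in ln.address:
            continue
        return ln
    return None


def authenticate(lines: list[HbaLine], conn_type: str, host: str,
                 user: str, database: str) -> str:
    """Model of the server's decision.

    An explicit 'reject' line and the absence of any matching line produce the
    same FATAL text, and that text contains only values the client supplied.
    """
    ln = first_match(lines, conn_type, host, user, database)
    if ln is None or ln.method == "reject":
        return ('FATAL: no pg_hba.conf entry for host "%s", user "%s", database "%s"'
                % (host, user, database))
    return "OK: authenticate with method %s" % ln.method


def reveals_only_client_values(message: str, host: str, user: str, database: str) -> bool:
    """True if the message contains nothing beyond the fixed prefix and the
    client-supplied values, i.e. no hint about which config line matched."""
    expected = ('FATAL: no pg_hba.conf entry for host "%s", user "%s", database "%s"'
                % (host, user, database))
    return message == expected


if __name__ == "__main__":
    hba = parse_hba(HBA_CONF)
    print(authenticate(hba, "host", "10.1.2.3", "mic", "mic"))      # hits the reject line
    print(authenticate(hba, "host", "192.0.2.7", "mic", "mic"))     # matches no line at all
    print(authenticate(hba, "host", "127.0.0.1", "mic", "mic"))     # allowed, md5
    print(authenticate(hba, "local", "[local]", "anyone", "mic"))   # allowed, trust
```

The first two attempts print byte-for-byte the same kind of message even though one was explicitly rejected and the other simply fell off the end of the file; an attacker probing from either address learns nothing about whether a reject line exists.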
From: Josh Berkus on 7 Apr 2010 12:53

> Clearly needs to be secure. Does the second message give any information
> to a would-be hacker than the first? I don't think so, but it certainly
> helps an admin work out if they've missed something.

I think this question needs a bona fide network security geek to decide, rather than us database geeks.

Hello! Is there a security hacker in the house?

--
Josh Berkus
PostgreSQL Experts Inc.
http://www.pgexperts.com
From: Robert Haas on 7 Apr 2010 13:07

On Wed, Apr 7, 2010 at 10:46 AM, Tom Lane <tgl(a)sss.pgh.pa.us> wrote:
> Simon Riggs <simon(a)2ndQuadrant.com> writes:
>> When there is a specific reject rule, why does the server say
>> FATAL: no pg_hba.conf entry
>
> It's intentional. We try to expose the minimum amount of knowledge
> about the contents of pg_hba.conf to potential attackers.

The problem with the message is not that it's uninformative, but that it's counterfactual.

....Robert