User: Password:
|
|
Subscribe / Log in / New account

A serious PostgreSQL security fix

A serious PostgreSQL security fix

Posted Apr 7, 2013 22:40 UTC (Sun) by hummassa (subscriber, #307)
In reply to: A serious PostgreSQL security fix by cesarb
Parent article: A serious PostgreSQL security fix

IIRC correctly my SSL/TLS, the authentication (and the start of encrypting the whole session) comes before anything else. I suppose when the client asks for connection to a database, he is already autheticated via his cert (and the dbms can check if he can effectively connect to *that* particular db).


(Log in to post comments)

TLS authorization

Posted Apr 8, 2013 12:44 UTC (Mon) by tialaramex (subscriber, #21167) [Link]

I don't know specifically about PostgreSQL but generally when you have a single SSL endpoint you make all the "authorization" decisions later, after the SSL handshake is done and you're "secure".

So very likely you can connect to any TLS-supporting PostgreSQL server with proof that you're "A Badman <evil@example.com>" and the server will go try to access the database to determine whether this "A Badman" person is authorized. With this particular bug, that's already too late.

In principle the server _could_ round up all the rules for authorization for all the databases, and then do early reject for connections that don't match, but that would be a lot of extra work to handle a slow path case, and (unless you know about this bug) there's no reason to approach it that way.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds