On Wed, Jan 18, 2012 at 3:08 AM, Heikki Linnakangas <heikki.linnakan...@enterprisedb.com> wrote: > On 18.01.2012 07:49, Fujii Masao wrote: >> >> On Fri, Jan 6, 2012 at 1:38 AM, Jim Mlodgenski<jimm...@gmail.com> wrote: >>> >>> I have a need to send banner messages to a psql client that I can set >>> on the server and will be displayed on any psql client that connects >>> to the database. This would be mostly used as an additional indicator >>> to which database you are connecting, but could also be used by people >>> to force their users to see an security message when connecting to the >>> database. The attached patch will allow you to execute >>> >>> ALTER DATABASE postgres SET >>> >>> client_message=E'********************************************************************************\nBEWARE: >>> You are connecting to a production database. If you do anything to\n >>> bring this server down, you will be destroyed by your supreme >>> >>> overlord.\n********************************************************************************\n'; >>> >>> And then when you connect to psql, you will see: >>> >>> [e3@workstation bin]$ ./psql -U user1 postgres >>> psql (9.2devel) >>> >>> ******************************************************************************** >>> BEWARE: You are connecting to a production database. If you do anything >>> to >>> bring this server down, you will be destroyed by your supreme >>> overlord. >>> >>> ******************************************************************************** >>> >>> Type "help" for help. >>> >>> postgres=> >>> >>> >>> Any feedback is welcome. >> >> >> Adding new GUC parameter only for the purpose of warning psql users >> seems overkill to me. Basically we try to reduce the number of GUC >> parameters to make a configuration easier to a user, so I don't think that >> it's good idea to add new GUC for such a small benefit. > > > It seems quite useful to me... > > >> Instead, how >> about using .psqlrc file and writing a warning message in it by using >> \echo command? > > > That's not the same thing at all. Each client would need to put the warning > in that file, and you'd get it regardless of the database you connect to. > > >> Anyway, I found one problem in the patch. The patch defines client_message >> as PGC_USERSET parameter, which means that any psql can falsify a >> warning message, e.g., by setting the environment variable PGOPTIONS >> to "-c client_message=hoge". This seems to be something to avoid from >> security point of view. > > > I don't think that's a problem, it's just a free-form message to display. > But it also doesn't seem very useful to have it PGC_USERSET: if it's only > displayed at connect time, there's no point in changing it after connecting. Should we make it PGC_BACKEND?
> > The only security problem that I can think of is a malicious server > (man-in-the-middle perhaps), that sends a banner that confuses > > Docs for PQparameterStatus() needs adjustment, now that client_message is > also one of the settings automatically reported to the client. I'll add the docs for that.. > > The placement of the banner in psql looks currently like this: > >> $ psql postgres >> >> psql (9.2devel) >> Hello world! >> Type "help" for help. > > > or > >> postgres=# \c postgres >> Hello world! >> You are now connected to database "postgres" as user "heikki". > > > Are we happy with that? I think it would be better to print the banner just > before the prompt: I like that better. I'll make that change as well. > >> psql (9.2devel) >> Type "help" for help. >> >> Hello world! >> >> postgres=# \c postgres >> You are now connected to database "postgres" as user "heikki". > >> Hello world! >> postgres=# > > Should we prefix the banner with something that makes it clear that it's a > message coming from the server? Something like: I don't think the default prefix adds much for the user. If the administrator wants to let the user know that its from the server, he can add it to the message. > >> psql (9.2devel) >> Type "help" for help. >> >> Notice from server: Hello world! >> >> postgres=# \c postgres >> You are now connected to database "postgres" as user "heikki". >> Notice from server: Hello world! >> postgres=# > > -- > Heikki Linnakangas > EnterpriseDB http://www.enterprisedb.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
