Actually in theory it is possible to completely secure a database by
putting all your business logic in stored procedures/functions and
allowing only raw database access to administrators. Plenty of people
do this. In fact if I were designing something that had lots of users
who had relativel
<[EMAIL PROTECTED]> wrote:
This is a special case of (2,2) secret sharing: http://
en.wikipedia.org/wiki/Secret_sharing Here the secret is the actual
password, a+b, shared into two parts, a and b. The above scheme
suffers from the problem that the user now knows quite a lot about
the secre
On Fri, Feb 02, 2007 at 07:20:04 +0900,
Paul Lambert <[EMAIL PROTECTED]> wrote:
> How?
Use a debugger.
> If it is encrypted within the source code then the only way to steal the
> credentials would be to reverse engineer the application. And if someone
> is going to do that then you can be re
On 1/29/07, Andrus <[EMAIL PROTECTED]> wrote:
My application implements field and row level security.
I have custom table of users where user privileges are described.
However user can login directly to database using pgAdmin. This bypasses
the security.
How to allow users to login only from my
Mark Walker wrote:
OK, I've thought about this a bit more and have come to the conclusion
that storing the password locally in any way is completely insecure.
Here are simple ways of hacking it:
1. If you use libpq in a shared lib(dll, etc). Replace PQconnectdb with
your own version, rebuil
OK, I've thought about this a bit more and have come to the conclusion
that storing the password locally in any way is completely insecure.
Here are simple ways of hacking it:
1. If you use libpq in a shared lib(dll, etc). Replace PQconnectdb with
your own version, rebuild and use your new d
Mark Walker wrote:
I'm curious. How do you feel about having a scrambling algorithm
embedded in your application, but having the scrambled password publicly
readable in a config file? Does that seem secure? This is what you
have to do if you want your users to connect to different databases
I'm curious. How do you feel about having a scrambling algorithm
embedded in your application, but having the scrambled password publicly
readable in a config file? Does that seem secure? This is what you
have to do if you want your users to connect to different databases
choosing their own
Bruno Wolff III wrote:
On Thu, Feb 01, 2007 at 10:24:51 +0900,
Paul Lambert <[EMAIL PROTECTED]> wrote:
If you hide the database username and password within your application
(i.e. encrypted within the source code) so they cannot see the
credentials that you connect to the database with intern
> > Say that your application offers a way for each user to set/change
> > his own password.
> >
> > When I (using your application) change my password, you could
> > combine my new password with a secret value and then send the
> > result to the PG server (so now the PG server thinks that my
<[EMAIL PROTECTED]> wrote:
Say that your application offers a way for each user to set/change
his own password.
When I (using your application) change my password, you could
combine my new password with a secret value and then send the
result to the PG server (so now the PG server thinks
> >> My application implements field and row level security.
> >> I have custom table of users where user privileges are described.
> >>
> >> However user can login directly to database using pgAdmin. This bypasses
> >> the security.
> >>
> >> How to allow users to login only from my application ?
On Thu, Feb 01, 2007 at 10:24:51 +0900,
Paul Lambert <[EMAIL PROTECTED]> wrote:
>
> If you hide the database username and password within your application
> (i.e. encrypted within the source code) so they cannot see the
> credentials that you connect to the database with internally then they
Oops, making a fool of myself again. I don't think this is possible.
Code signing authentication works by comparing an application to a
digital signature that can't be generated without a password. Since the
server doesn't have a copy of the application or signature, it won't
work. Oh well,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/31/07 20:00, Paul Lambert wrote:
> Mark Walker wrote:
>> One other thing. Another approach to this problem would be to have
>> some sort of code signing/authentication capabilities for the
>> postgresql server. For instance, you login as an adm
But you don't have to turn it on by default for any particular database,
and you could sign any application you want for your individual server.
Paul Lambert wrote:
Mark Walker wrote:
One other thing. Another approach to this problem would be to have
some sort of code signing/authentication
Mark Walker wrote:
One other thing. Another approach to this problem would be to have some
sort of code signing/authentication capabilities for the postgresql
server. For instance, you login as an administrator (some sort of
enhanced privs), you get to look at the databases you have permissio
One other thing. Another approach to this problem would be to have some
sort of code signing/authentication capabilities for the postgresql
server. For instance, you login as an administrator (some sort of
enhanced privs), you get to look at the databases you have permission
for. Otherwise,
If hiding the password in your application is an option, i.e. you only
have one database your application will ever connect to, then at least
scramble the password within your application with some complex algorithm.
If you can't hide the password in your application, then you need to
deny acc
Andrus wrote:
Run the application on a machine you control. Then the application can
authenticate without the users being able to steal or piggyback on its
credentials.
Thank you for reply.
My application is GUI applicatio which must run in customer computer and
accesses to 5432 port in remote
> If only certain privileged users are supposed to use pgAdmin, can you
> arrange so that only they have access to it in the first place? - such as
> granting execute permissions on pgAdmin only to the privileged users?
PgAdmin can be ran from customer computer.
It is not possible to disable cus
> Run the application on a machine you control. Then the application can
> authenticate without the users being able to steal or piggyback on its
> credentials.
Thank you for reply.
My application is GUI applicatio which must run in customer computer and
accesses to 5432 port in remote PostgreSQL
However user can login directly to database using pgAdmin. This bypasses
the security.
If only certain privileged users are supposed to use pgAdmin, can you
arrange so that only they have access to it in the first place? - such
as granting execute permissions on pgAdmin only to the privileged
On Sun, Jan 28, 2007 at 23:46:27 +0200,
Andrus <[EMAIL PROTECTED]> wrote:
> My application implements field and row level security.
> I have custom table of users where user privileges are described.
>
> However user can login directly to database using pgAdmin. This bypasses
> the security.
>
>> My application implements field and row level security.
>> I have custom table of users where user privileges are described.
>>
>> However user can login directly to database using pgAdmin. This bypasses
>> the security.
>>
>> How to allow users to login only from my application ?
>> I think I m
> Doesn't pg_hba.conf just deal with user connections? If you denied via
> pg_hba.conf, wouldn't you also deny access for the application? Can
> pg_hba.conf authenticate based on a per application basis? I wasn't aware
> of anything like that. I'm not an expert on this, so I could be wrong.
Furface wrote:
2. Restricting certain tables to certain users. Well that's easy. You
just use the "grant" command.
3. Restricting certain columns of certain tables to certain users. This
would be something like an "approved" or "active" column where only
administrators can set these value
Doesn't pg_hba.conf just deal with user connections? If you denied via
pg_hba.conf, wouldn't you also deny access for the application? Can
pg_hba.conf authenticate based on a per application basis? I wasn't
aware of anything like that. I'm not an expert on this, so I could be
wrong.
This
Andrus wrote:
My application implements field and row level security.
I have custom table of users where user privileges are described.
However user can login directly to database using pgAdmin. This bypasses
the security.
How to allow users to login only from my application ?
I think I must c
My application implements field and row level security.
I have custom table of users where user privileges are described.
However user can login directly to database using pgAdmin. This bypasses
the security.
How to allow users to login only from my application ?
I think I must create server-side
30 matches
Mail list logo
