Postgres authentication hardening #232

New issue

Open

opened 2024-08-28 15:31:26 +00:00 by teutat3s · 0 comments

teutat3s commented 2024-08-28 15:31:26 +00:00

Owner

Copy link

Letting every system and DB user have access to all data is dangerous.
...
Postgres supports "user name maps", which limit which system users can log in as which DB user:

services.postgresql.identMap

https://wiki.nixos.org/wiki/PostgreSQL#Security

>Letting every system and DB user have access to all data is dangerous. > ... >Postgres supports "[user name maps](https://www.postgresql.org/docs/current/auth-username-maps.html)", which limit which system users can log in as which DB user: `services.postgresql.identMap` https://wiki.nixos.org/wiki/PostgreSQL#Security

teutat3s added the

Security

label 2024-08-28 15:31:32 +00:00

teutat3s added this to the Hakken Autumn 03-2024 project 2024-10-21 08:58:38 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

ci-treefmt

docs-garage

docs-cachix

feat/automated-account-deletion

ssl-cert-warning

feat/matrix-moderation-draupnir

nginx-maintenance

feat/matrix-moderation

fix/use-nix-firewall-nat-feature-for-forgejo-redirect

feat/loomio

feat/matrix-hookshot

feat/libreddit

feat/invidious

No results found.

Labels

Clear labels   

Bug

  

Docs

  

Feature request

  

Good for newcomers

  

Infra

  

Privacy

  

Refactoring or migration

  

Security

No labels

Bug

Docs

Feature request

Good for newcomers

Infra

Privacy

Refactoring or migration

Security

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Hakken Autumn 03-2024

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: pub-solar/infra#232

No description provided.