[Health-dev] Secure PostgreSQL connection?


From: Gerald Wiese
Subject: [Health-dev] Secure PostgreSQL connection?
Date: Thu, 27 Jan 2022 16:18:12 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0

Hey,

I remember someone questioning the PostgreSQL connection method during the GNU Health Con because pretty much everywhere in the documentation "local all trust" is advised.

Is it really used like this for productive settings?

For example here it says:


"Trust

The trust authentication method should only be used in exceptional circumstances, if at all, as it allows a matching client to connect to the server with no further authentication.

trust is useful for testing and development work on the local machine where connecting via a UDS and when only fully trusted users have access to the machine, and data security is not a concern.

It is also a useful mechanism for resetting passwords in the server if there is no other way to login; temporarily allow trust access to connections from a UDS, connect to the server and reset the password, and then disable the trust access again.

Use trust with extreme care. It can be very dangerous!"

https://www.enterprisedb.com/blog/how-to-secure-postgresql-security-hardening-best-practices-checklist-tips-encryption-authentication-vulnerabilities


If there is already a better approach, please let me know. Otherwise I could try to find a better way on my own.


Best

Gerald
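
A check for the `trust` entries the quoted passage warns about, as an added example that is not part of the original message or of the GNU Health documentation: a Python sketch that parses `pg_hba.conf` text and reports every rule using the `trust` method. The sample file content, database name and user name are constructed, and the parser is simplified (it does not follow include directives or line continuations).

```python
import shlex

# Authentication methods accepted in pg_hba.conf (PostgreSQL documentation).
METHODS = {"trust", "reject", "scram-sha-256", "md5", "password", "gss", "sspi",
           "ident", "peer", "ldap", "radius", "cert", "pam", "bsd"}
HOST_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}


def parse_hba(text):
    """Yield (lineno, conn_type, database, user, address, method) per rule."""
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = shlex.split(line, comments=True)  # drops '#' comments
        if not fields:
            continue
        conn_type = fields[0]
        if conn_type == "local" and len(fields) >= 4:
            yield lineno, conn_type, fields[1], fields[2], None, fields[3]
        elif conn_type in HOST_TYPES and len(fields) >= 5:
            # Address is either CIDR/hostname (one field) or IP + netmask (two).
            if fields[4] in METHODS:
                addr, method = fields[3], fields[4]
            elif len(fields) >= 6:
                addr, method = f"{fields[3]} {fields[4]}", fields[5]
            else:
                continue
            yield lineno, conn_type, fields[1], fields[2], addr, method


def find_trust_rules(text):
    """Return the rules that let a matching client in with no authentication."""
    return [rule for rule in parse_hba(text) if rule[5] == "trust"]


# Constructed sample, not taken from any real installation.
SAMPLE = """\
# TYPE  DATABASE  USER      ADDRESS          METHOD
local   all       all                        trust
local   all       postgres                   peer
host    all       all       127.0.0.1/32     scram-sha-256
host    health    gnuhealth 10.0.0.0 255.255.255.0 trust   # IP + netmask form
hostssl all       all       ::1/128          md5
"""

if __name__ == "__main__":
    for lineno, ctype, db, user, addr, _ in find_trust_rules(SAMPLE):
        where = "Unix-domain socket" if addr is None else addr
        print(f"line {lineno}: {ctype} db={db} user={user} from {where} uses trust")
```

Rules are matched top to bottom, so a `trust` line that appears before a stricter rule for the same connection type, database and user is the one that takes effect.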

