Remote Postgres access??

[Linas Vepstas]

--M9NhX3UHpAaciwkO
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jun 26, 2001 at 05:56:34PM -0400, Derek Atkins was heard to remark:
> True, I agree with you that key management is hard.  However, SSH
> is not the answer. =20

OK, yep.

> I still maintain that a self-contained end-to-end encryption is the
> way to go.  We can use an RPC (be is SOAP/CORBA/RPC/XML+HTTP/whatver)
> to transmit information back and forth between client and server.
> Encryption is from the client app to a server that runs on the DB
> server.  Authentication can be via any number of methods
> (Kerberos/GSSAPI/SASL/Username-Password) and can hook either directly
> into the DB or the server application can proxy the authentication and
> perform the access control itself.

Sounds like you've just described a project. apache has different auth
schemes, and encryption via xml+http+ssl.  We need a generic socket+auth
mechanism, it seems.  Does S/WAN fit the bill ???

I worked breifly on a kernel module that provides an interesting level
of security (lomac, I'm ccing the mailing list).  There was some
discussion (at least inside my own head if not on the list) about
some way of extending trust over the network. (Lomac automatically
distrusts all socket connections, with an exception made for SSH,
so that sysadmins would not have to sit at the keyboard to do thier
work.)

Thus I claim that the 'right' implementation would be a kernel module
(so that its not breakable even if the root shell has been compromised,
which is something lomac protects against). The kernel module would
work with some appropriate set of authentication mechanisms to=20
verify the trustworthiness of the network connection, and then initiate
SSL on that connection. =20

You can argue that this is overkill for a database connection, but
I'm hoping that solving the broader 'how can you trust a remote
connection' problem is no harder than your proposal. =20

Lomac's kind of cool, check it out.=20

--linas


--=20
Linas Vepstas -- linas@gnumatic.com -- http://www.gnumatic.com/

--M9NhX3UHpAaciwkO
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7OVXZZKmaggEEWTMRAs+HAJ4k7Yx12VcLjodOyg5E+p4/e/69ZACdGH3m
x+sdZuIurK8KBsbeJjq8lEg=
=iZHT
-----END PGP SIGNATURE-----

--M9NhX3UHpAaciwkO--