[pgpool-general: 1608] Re: watchdog root requirement
Bruce Momjian
bruce at momjian.us
Fri Apr 12 00:13:18 JST 2013
On Thu, Apr 11, 2013 at 11:09:01AM -0400, Kyle O'Donnell wrote:
> I'm no security expert either, but I do work in finance and the
> information security teams have approved using sudo to execute
> escalated privileges without a password.
>
> IMHO the best option is to just run whatever is in the configuration
> for ifconfig/arping. If it succeeds, great. If it fails, exit with
> an error. It's better to beg for forgiveness than ask permission as
> far as I'm concerned :)
>
> Failing that, I would think the next best option is a configuration
> parameter in pgpool.conf (dontcheckroot=yes or something). Second
> best would be command line option for the pgpool binary. Compile time
> option would be fine, but not the best option.
>
...
> So your idea is edit /etc/sudoers to allow to execute via sudo arping
> and ifconfig without password? I'm not a security expert but this
> sounds like a good idea to me.
The only other method I have seen for the starting process to fork a
child that retains root and it changes to another username, and only
uses the root child process for limited uses.
--
Bruce Momjian <bruce at momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ It's impossible for everything to be true. +
More information about the pgpool-general
mailing list