security Archives - 2ndQuadrant

Posts

Setting SSL/TLS protocol versions with PostgreSQL 12

November 27, 2019/2 Comments/in 2ndQuadrant, Eisentraut's PlanetPostgreSQL, PostgreSQL /by Peter Eisentraut

PostgreSQL 12 contains two new server settings: ssl_min_protocol_version ssl_max_protocol_version As the names indicate, these are used to control the oldest (minimum) and newest (maximum) version of the SSL and TLS protocol family that the server will accept. (For historical reasons, in PostgreSQL, all settings related to SSL and TLS are named ssl_something, even though TLS […]

PostgreSQL Meltdown

January 10, 2018/0 Comments/in Simon's PlanetPostgreSQL /by Simon Riggs

Spectre and Meltdown have caused severe alarm in recent days. You may have read about up to 30% impact on PostgreSQL databases, which I believe to be overstated because of misunderstandings in the media. Let’s dig into this in more detail. TL;DR Summary: no PostgreSQL patch required, -7% performance hit In response to these new […]

Application users vs. Row Level Security

May 30, 2016/10 Comments/in 2ndQuadrant, PostgreSQL, Tomas' PlanetPostgreSQL /by Tomas Vondra

A few days ago I’ve blogged about the common issues with roles and privileges we discover during security reviews. Of course, PostgreSQL offers many advanced security-related features, one of them being Row Level Security (RLS), available since PostgreSQL 9.5. As 9.5 was released in January 2016 (so just a few months ago), RLS is fairly […]

Auditing Users and Roles in PostgreSQL

May 20, 2016/5 Comments/in 2ndQuadrant, PostgreSQL, Tomas' PlanetPostgreSQL /by Tomas Vondra

One of the services we offer are security reviews (or audits, if you want), covering a range of areas related to security. It may be a bit surprising, but a topic that often yields the most serious issues is roles and privileges. Perhaps the reason why roles and privileges are a frequent source of issues […]

Emulating row security in PostgreSQL 9.4

December 9, 2015/0 Comments/in Craig's PlanetPostgreSQL /by craig.ringer

PostgreSQL 9.5 adds declarative row security. You can declare policies on tables and have them enforced automatically – for example, allowing user joe to only see rows with the owner column equal to joe. This is a great feature, and it’s been a long time coming. It didn’t make it into PostgreSQL 9.4, but automatically […]

Ansible Loves PostgreSQL

October 19, 2015/7 Comments/in 2ndQuadrant, Featured, Gulcin's PlanetPostgreSQL, PostgreSQL /by Gulcin Yildirim

Ansible is simply great and PostgreSQL is surely awesome, let’s see how they work amazingly together!

Row security in PostgreSQL – Overview

February 26, 2014/5 Comments/in Craig's PlanetPostgreSQL /by craig.ringer

In the next week I will be writing a series of posts about the row-security work I’ve been doing for PostgreSQL 9.4 as part of the EU’s AXLE project. I will be outlining the history, approaches tried, current status, remaining issues, and future work required. To open the series, I’d like to talk about what […]

How do PostgreSQL security_barrier views work?

November 7, 2013/7 Comments/in Craig's PlanetPostgreSQL, PostgreSQL /by craig.ringer

You might have seen the support added for security_barrier views in PostgreSQL 9.2. I’ve been looking into that code with an eye to adding automatic update support for them as part of progressing row-level security work for the AXLE project, and I thought I’d take the chance to explain how they work. Robert already explained […]

Posts

Setting SSL/TLS protocol versions with PostgreSQL 12

PostgreSQL Meltdown

Application users vs. Row Level Security

Auditing Users and Roles in PostgreSQL

Emulating row security in PostgreSQL 9.4

Ansible Loves PostgreSQL

Row security in PostgreSQL – Overview

How do PostgreSQL security_barrier views work?

Support & Services

Products

Postgres Learning Center

About Us