undefined | Better HN

0 pointszie5d ago0 comments

I must have missed that in the comment stream.

It's not really any different than using pgbouncer or something similar. All it buys you is not having to use the PG protocol on the client.

There is no extra security here though. One could even argue you lose security here, since now you have to rely on the app to not get tokens confused, since they hold and use the tokens on behalf of the user. A single bad CVE in the app and one can become any user the app currently knows about.

0 comments

staticassertion5d ago

I think the conversation is suffering from trying to solve a problem that's underspecified, which is going to just lead to a lot of "what if" questions. I've explained my concern with relying on a single boundary, which should not be contentious and I have given multiple examples of potential additional controls.

j / k navigate · click thread line to collapse

0 pointszie5d ago0 comments

I must have missed that in the comment stream.

It's not really any different than using pgbouncer or something similar. All it buys you is not having to use the PG protocol on the client.

0 comments

staticassertion5d ago

j / k navigate · click thread line to collapse