{"id":19693836,"url":"https://github.com/aiven-open/aiven-pg-security","last_synced_at":"2025-04-29T10:30:38.400Z","repository":{"id":146302701,"uuid":"490224944","full_name":"Aiven-Open/aiven-pg-security","owner":"Aiven-Open","description":"Aiven PostgreSQL® add-on for adding some DBaaS security ","archived":false,"fork":false,"pushed_at":"2024-11-06T09:44:00.000Z","size":629,"stargazers_count":8,"open_issues_count":4,"forks_count":4,"subscribers_count":19,"default_branch":"main","last_synced_at":"2024-11-06T10:52:07.935Z","etag":null,"topics":["add-on","postgresql","security","security-tools"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"postgresql","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Aiven-Open.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-05-09T09:53:09.000Z","updated_at":"2024-11-01T15:41:47.000Z","dependencies_parsed_at":"2024-11-06T10:44:01.132Z","dependency_job_id":"55ae9666-9a8c-46f9-9c37-e89db1f3706b","html_url":"https://github.com/Aiven-Open/aiven-pg-security","commit_stats":null,"previous_names":["aiven-open/aiven-pg-security"],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aiven-Open%2Faiven-pg-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aiven-Open%2Faiven-pg-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aiven-Open%2Faiven-pg-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aiven-Open%2Faiven-pg-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Aiven-Open","download_url":"https://codeload.github.com/Aiven-Open/aiven-pg-security/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224160374,"owners_count":17265969,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["add-on","postgresql","security","security-tools"],"created_at":"2024-11-11T19:18:22.274Z","updated_at":"2024-11-11T19:18:22.769Z","avatar_url":"https://github.com/Aiven-Open.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"Aiven PG Security Utility\n======================\nAdds utility functions to harden PostgreSQL® through shared libraries and hooks.\n\nSee our blog post about aiven-gatekeeper and PostgreSQL extension security: [Aiven's Blog](https://aiven.io/blog/aiven-security-agent-for-postgresql).\n\nOverview\n========\nThe Aiven Security Agent for PostgreSQL (aiven-gatekeeper) allows controlling which privileged functions are exposed and prevents their abuse in common privilege escalation attacks.\n\nFeatures\n============\nPrevents common privilege escalation attacks, primarily at the time of extension creation. Limits access to sensitive features and functions within PostgreSQL and compliments the existing grants and superuser checks.\n\nFor detailed features and how they work, visit the [documentation](docs/).\n\nSecurity\n===========\nAn independent, external code audit was performed and the results are available in the [docs](docs/) directory:\n* [Report letter](docs/20220805%20Aiven%20Customer%20Letter.pdf)\n* [Final report](docs/20220805%20Aiven%20Oy%20-%20Aiven%20Source%20Code%20Audit%20Retest%20Final%20Report.pdf)\n\nTo report any possible vulnerabilities or other serious issues please see our [security](SECURITY.md) policy.\n\nSetup\n============\n\nBuild and install the add on;\n```bash\n$ make\n$ cp aiven_gatekeeper.so $postgres_lib/\n\n# or make and install\n$ make install\n\n```\nConfigure PostgreSQL to use the library;\n```bash\n# edit your postgresql.conf and load the library\nshared_preload_libraries = 'aiven_gatekeeper'\n\n# restart postgresql\n```\n\nLicense\n============\nAiven PostgreSQL Security is licensed under the PostgreSQL license. Full license text is available in the [LICENSE](LICENSE) file.\n\nPlease note that the project explicitly does not require a CLA (Contributor License Agreement) from its contributors.\n\nContact\n============\nBug reports and patches are very welcome, please post them as GitHub issues and pull requests at https://github.com/aiven/aiven-pg-security .\nTo report any possible vulnerabilities or other serious issues please see our [security](SECURITY.md) policy.\n\nTrademarks\n============\nThe terms Postgres and PostgreSQL are registered trademarks of the PostgreSQL Community Association of Canada.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faiven-open%2Faiven-pg-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faiven-open%2Faiven-pg-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faiven-open%2Faiven-pg-security/lists"}