From: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Jan Wieck <jwieck(at)debis(dot)com> |
Cc: | tgl(at)sss(dot)pgh(dot)pa(dot)us, dms(at)wplus(dot)net, pgsql-hackers(at)postgreSQL(dot)org |
Subject: | Re: [HACKERS] Installation procedure wishest |
Date: | 1999-06-18 16:48:44 |
Message-ID: | 199906181648.MAA29320@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> Bruce Momjian wrote:
>
> >
> > > But if you have choosen the conservative way of beeing a site
> > > admin, noone will ever tell you if you forgot to DISABLE a
> > > feature after a 50 hour restore marathon.
> >
> > Yes, the same reason postmaster -i flag is required to enable tcp/ip.
>
> That's a detail I'm in doubt about. Our defaults for AF_UNIX
> sockets is trust (and AFAIK must be because identd cannot
> handle them). Thus any user who has a local shell account
> could easily become db user postgres.
>
> I think a default of host-localhost-ident-sameuser and giving
> superusers the builtin right to become everyone would gain
> higher security.
But can we assume ident is running. I don't think so.
--
Bruce Momjian | http://www.op.net/~candle
maillist(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 1999-06-18 17:36:42 | Re: [HACKERS] Installation procedure wishest |
Previous Message | Bruce Momjian | 1999-06-18 16:47:35 | Re: [HACKERS] Re: Apparent bug in _make_subplan |