From: | Ian Barwick <barwick(at)gmx(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Security note: MS SQL is current worm vector |
Date: | 2001-11-25 18:17:44 |
Message-ID: | 200111251916.UAA18834@post.webmailer.de |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Sunday 25 November 2001 18:13, Tom Lane wrote:
> Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my> writes:
> > Yeah, by default Postgresql ships practically without any access
> > controls.
>
(...)
> I do wonder whether we shouldn't list "think about your access controls"
> as an explicit step in the installation instructions or server startup
> instructions. The default configuration is definitely uncool on
> multiuser machines, but a novice might not find that out till too late.
It might be worth explicitly mentioning the following:
1) use initdb with the -W option, so that a superuser password
is set during db initialisation and before the server is started;
2) before starting the server change the appropriate settings
in pg_hba.conf from 'trusted' to 'password' (or whatever other
authentication system is to be used).
Particularly the point about initdb with -W isn't mentioned
in the "7.1 Administrator's Guide" (section 3.2, 'Creating
a database cluster'), which is probably the first port of call
for many first time admin/users.
Following these steps should exclude any possibility
of even local users gaining uncontrolled access to the
backend. (Motto: "Never Trust Anyone" ;-)
Yours
Ian Barwick
From | Date | Subject | |
---|---|---|---|
Next Message | Rene Pijlman | 2001-11-25 19:00:29 | Re: Funny timezone shift causes failure in test suite |
Previous Message | Tom Lane | 2001-11-25 17:13:42 | Re: Security note: MS SQL is current worm vector |