From: | Mike Nolan <nolan(at)gw(dot)tssi(dot)com> |
---|---|
To: | zuhans(at)iname(dot)com |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: security question |
Date: | 2004-05-11 19:33:49 |
Message-ID: | 200405111933.i4BJXosx029524@gw.tssi.com |
Lists: | pgsql-general |
> i'm very new to postgres and have a fundamental question.
> how do i make a pg-db most secure?
> i feel, that pg_user e.g. is something very dangerous - isn't it? if
> someone hacks into a db, then he has lots of information at his/her
> fingertips. is this so?
>
> what do i do to prevent my db from being hacked?

If you want to make sure it is never hacked into, here are two
suggestions:

1. Don't connect it to a computer network or phone line.
2. Don't turn it on.

Seriously, most of the risks are NOT application or database-specific.
In other words, if a hacker can get to your computer, it almost definitely
isn't PostgreSQL's fault, and there may not be much you can do about it
from a database perspective once the hacker gets in. If the hacker can
get dba, sysadmin or root access, you're fully compromised.

PostgreSQL has a number of security features in it to control access
privileges for both local and remote (networked) users, as do most
major database platforms. If you are a DBA, you need to be aware of
these; most of them are fairly well documented in the online manual
on postgresql.org. Specifically read the sections on GRANT and
on hba_conf.
--
Mike Nolan
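
An added example, not part of the original message or of PostgreSQL itself: a small audit of PostgreSQL's host-based authentication file (`pg_hba.conf`), the kind of review the manual's section on that file leads a DBA towards. The sample file, the function names and the finding labels are constructed for illustration, and the parser assumes unquoted fields, no include directives and IPv4-style netmasks.

```python
import ipaddress

# Constructed sample pg_hba.conf for illustration; not from the original post.
SAMPLE_HBA = """\
# TYPE  DATABASE  USER     ADDRESS                    METHOD
local   all       postgres                            peer
local   all       all                                 trust
host    all       all      0.0.0.0/0                  md5
host    appdb     appuser  10.0.0.0/24                scram-sha-256
host    appdb     report   192.168.1.0 255.255.255.0  password
hostssl all       all      ::/0                       trust
"""

def parse_hba(text):
    """Yield (lineno, type, database, user, network, method) per rule.
    Simplified: no quoted fields, no include directives, IPv4-style masks only."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        conn_type, database, user, rest = fields[0], fields[1], fields[2], fields[3:]
        network = None  # "local" rules (Unix sockets) have no address column
        if conn_type != "local":
            addr = rest.pop(0)
            if "/" not in addr and rest[0][0].isdigit():  # separate netmask field
                addr = f"{addr}/{rest.pop(0)}"
            try:
                network = ipaddress.ip_network(addr, strict=False)
            except ValueError:
                network = addr  # hostname or keyword such as "all"
        yield lineno, conn_type, database, user, network, rest[0]

def audit(text):
    """Return (lineno, finding) pairs for rules worth a DBA's second look."""
    findings = []
    for lineno, conn_type, database, user, network, method in parse_hba(text):
        if method == "trust":  # no authentication is performed at all
            findings.append((lineno, "trust"))
        if method == "password" and conn_type not in ("local", "hostssl"):
            findings.append((lineno, "cleartext-password"))  # may cross the wire unencrypted
        any_addr = network == "all" or getattr(network, "prefixlen", None) == 0
        if any_addr and "all" in (database, user):
            findings.append((lineno, "any-address"))
    return findings

if __name__ == "__main__":
    for lineno, finding in audit(SAMPLE_HBA):
        print(f"line {lineno}: {finding}")
```

Rules are matched top to bottom and the first match wins, so a flagged rule placed early in the file overrides stricter rules that follow it.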