From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
---|---|
To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
Cc: | Ian Maddox <ianmaddox(at)google(dot)com>, pgsql-docs(at)postgresql(dot)org |
Subject: | Re: Request: Revive the security-specific section |
Date: | 2018-05-05 19:45:38 |
Message-ID: | 20180505194538.52lb4ju3lgptpbuf@alvherre.pgsql |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-docs |
Peter Eisentraut wrote:
> On 5/2/18 18:59, Ian Maddox wrote:
> > It appears that the knowledge from that page has been redistributed
> > across the manual in versions 8+, making it difficult to point to a
> > single authoritative resource. I'm writing to request that a single
> > section on security be revived in a future revision of the manual.
>
> I see where you are coming from. However, I think security concerns
> exist in every aspect of the system. So as a user when I'm dealing
> with operating system integration, or schema design, or backups, or
> replication, or monitoring, etc., then I want to know about the
> security concerns on that subject.
Curiously enough, we got a request on the Spanish list today
https://www.postgresql.org/message-id/CALhQua6tAY+b+oH10OOm24sank43quQoVnoZpPDO5r6YQ4eXow@mail.gmail.com
about a "hardening guide". I think it is not completely out of the
question to have a separate slim section listing things to keep in mind
in order to harden a PostgreSQL installation. It doesn't have to be
terribly thorough -- rather it'd be mostly links to other places in the
docs where detailed information about each element can be found.
--
Álvaro Herrera https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Ian Maddox | 2018-05-06 07:01:27 | Re: Request: Revive the security-specific section |
Previous Message | Peter Eisentraut | 2018-05-03 14:03:17 | Re: Request: Revive the security-specific section |