Re: postgres authentication question

From: Jim Nasby <decibel(at)decibel(dot)org>
To: Tom Allison <tallison(at)tacocat(dot)net>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: postgres authentication question
Date: 2006-11-28 02:56:08
Message-ID: 34ADDADB-8453-440C-8C2F-7541C060E162@decibel.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-novice

On Nov 18, 2006, at 8:36 AM, Tom Allison wrote:
> I'm putting a postgresql installation into my DMZ and want to make
> sure I have an understanding of what makes sense and what does not
> in terms of security.

IF you're only using ident with ident servers you can trust (ie:
localhost), then I can't think of any security issue with using it.
For someone to spoof ident credentials on localhost you either have
to allow them to do it (some identd's support that, but most I've
seen turn it off by default), or they'd have to compromise your
identd. And if they can compromise your identd on the database
server, you're pretty much hosed anyway.
--
Jim Nasby jim(at)nasby(dot)net
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)

In response to

Browse pgsql-novice by date

  From Date Subject
Next Message operationsengineer1 2006-11-29 01:03:56 Re: Benchmarking PostgreSQL against others on Windows?
Previous Message Jim Nasby 2006-11-28 02:52:00 Re: SSL