| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | Bear Giles <bgiles(at)coyotesong(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Really stupid question(?) |
| Date: | 2002-05-23 20:29:47 |
| Message-ID: | 3CED513B.1070805@joeconway.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bear Giles wrote:
> The really stupid question refers to some of the hardcoded fallback
> values in this code. The reason for having hardcoded values is to
> prevent "downgrade" attacks - you don't want to casually override the
> DBA, but you also don't want to make it easy for a knowledgeable
> attacker to fatally compromise the system in a way that your average
> DBA couldn't catch.
>
> But the problem is that knowledgeable security administrators can
> replace the common hardcoded values with their own. How do you allow
> this to be easily done?
Would GUC variables work? Put in sensible defaults and let the more
knowledgeable security admins override the defaults in postgresql.conf
Joe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mike Castle | 2002-05-23 22:04:17 | Re: Psql 7.2.1 Regress tests failed on RedHat 7.3 |
| Previous Message | Tom Lane | 2002-05-23 20:10:39 | Re: Really stupid question(?) |