| From: | Craig Ringer <craig(at)postnewspapers(dot)com(dot)au> |
|---|---|
| To: | Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Disable executing external commands from psql? |
| Date: | 2010-06-02 01:47:47 |
| Message-ID: | 4C05B843.10800@postnewspapers.com.au |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 02/06/10 08:06, Ken Tanzer wrote:
> Somehow, exposing my database ports to the internet scares me more than
> any (possibly crazy) stuff I'm trying to do. :)
Why? Surely it's less scary than exposing ssh+shell access (!!), even if
you think the shell is locked down to running only a crippled version of
psql.
You can use SSL with client certificates to lock down access to the
database if you don't trust simple SSL-protected username/password
authentication alone.
Given the choice, I'd expose Pg to the Internet _any_ day before even
considering exposing semi-public ssh access when I didn't absolutely
have to.
> But seriously I think I need to give them accounts--I'm setting up
> online instances of a web app, so they have a set of (editable) PHP
> files, possibly some storage, a log file, etc. It seemed that setting
> each up as its own user was better than going through some uber-process
> that had access to all the files.
Sounds like you need to provide them with a web interface to do the
work, and have the web app talk to Pg.
--
Craig Ringer
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ken Tanzer | 2010-06-02 01:50:44 | Re: Disable executing external commands from psql? |
| Previous Message | Stephen Frost | 2010-06-02 01:31:42 | Re: Disable executing external commands from psql? |