| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Christopher Browne <cbbrowne(at)acm(dot)org> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Oracle DB Worm Code Published |
| Date: | 2006-01-07 20:25:06 |
| Message-ID: | 590.1136665506@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Christopher Browne <cbbrowne(at)acm(dot)org> writes:
>> A recent article about an Oracle worm:
>> http://www.eweek.com/article2/0,1895,1880648,00.asp
>> got me wondering.
> PostgreSQL doesn't allow network access, by default, which more than
> makes up for that.
You would have to both alter postgresql.conf (to make the postmaster
listen for anything except local connections) and alter pg_hba.conf
to let people in. Of course, if you were fool enough to set pg_hba.conf
to allow "trust" connections from the whole net, you'd have a door open
even wider than Oracle's. But I hope that's not common.
A worm can't be successful unless there's a fairly large population of
vulnerable machines. I am sure that there are *some* PG installations
out there that are wide open, but I doubt there are enough to make a
worm viable.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marcos José Setim | 2006-01-07 20:38:54 | Performance Low Using the Prepare and Execute |
| Previous Message | Angshu Kar | 2006-01-07 20:13:28 | COPY to |