Re: BUG #14194: Why do these bases are open to public access?

On Thu, Jun 16, 2016 at 9:57 AM, David G. Johnston <
david(dot)g(dot)johnston(at)gmail(dot)com> wrote:

> On Wed, Jun 15, 2016 at 3:25 PM, <yobas(at)bk(dot)ru> wrote:
>
>> The following bug has been logged on the website:
>>
>> Bug reference: 14194
>> Logged by: Alex
>> Email address: yobas(at)bk(dot)ru
>> PostgreSQL version: Unsupported/Unknown
>> Operating system: Windows 7 x64
>> Description:
>>
>> I will begin immediately with the fact, if we look for an inquiry
>> shodan.io
>> "database "template0" is not currently", then we have a list of 5960 hosts
>> an open database. Here are a couple of examples in pictures
>> https://yadi.sk/d/_7cK7CxNsWs6i
>
>
> Maybe something is getting lost in translation here, and sorry, but I'm
> not going to click a random link for this...but "template0" is basically a
> system database that should never be touched.​ The behavior you are seeing
> is intended. This is not a bug nor, really, a good bug report. It usually
> helps to actually ask a question and/or state what your expectation is.
>
> David J.
>

David - I agree with you. Taking a look at the shodan.io "Search Engine for
IoT" my guess is this was a surprise to have ~6K postgresql hosts exposed
on the internet. Of course, PostgreSQL by default does not allow remote
connections and it is up to the user to expose the port through their
firewall to the wide open internet.