Re: Securing Postgres

From: SCassidy(at)overlandstorage(dot)com
To: L van der Walt <mailing(at)lani(dot)co(dot)za>, pgsql-general(at)postgresql(dot)org
Subject: Re: Securing Postgres
Date: 2005-10-05 16:21:15
Message-ID: OFD98C0A29.D86D4D12-ON88257091.0059AED9-88257091.0059D639@overlandstorage.com
Lists: pgsql-general

You do know that MySQL lets you reset the root password if you forget it,
don't you? See:

http://dev.mysql.com/doc/mysql/en/resetting-permissions.html

Not terribly secure, after all.

Susan


From: L van der Walt <mailing(at)lani(dot)co(dot)za>
Sent by: pgsql-general-owner(at)postgresql.org
Date: 10/05/2005 08:27 AM
To: Richard Huxton <dev(at)archonet(dot)com>, pgsql-general(at)postgresql(dot)org
cc:
Subject: Re: [GENERAL] Securing Postgres

Richard Huxton wrote:

> L van der Walt wrote:
>
>> The big problem is that the administrators work for the client and
>> not for me. I don't want the client to reverse engineer my database.
>> There might be other applications on the server so the administrators
>> do require root access.
>>
>> About the raw database files, I can use encryption to protect the data.
>
>
> Well, if it's your client's machine, then any competent
> administrator will be able to work around anything you do. They set
> the ground-rules you work in - you could be running inside a virtual
> machine and never know.
>
> If your database design is so advanced that you can't chance it
> falling into the hands of others then you'll need to keep a separate
> machine and lock it down yourself.
>
> Are your clients really so dishonest that they'd break into the
> database and take the necessary steps to hide their tracks too?
>
> --
> Richard Huxton
> Archonet Ltd
>
>

No, I cannot trust the client's administrators.

I have played now with MySQL, and with MySQL you can change the password
for root in MySQL (same as postgres in PostgreSQL). If you use the
command line tools like dump you require the password. Just because
you're root doesn't mean you're root in MySQL.

Can one separate the user postgres in PostgreSQL from the user postgres
in Linux (the OS)?
