On Monday 18 August 2003 21:08, Cody Phanekham wrote: > I should of mentioned that the server is a dedicated PHP / PostgreSQL > server, therefore no other user would have access to it. > > My only concern is *if* the server gets compromised, then the attacker > would have access to the DB without too much effort. > If by "comprimised" you mean rooted, then the attacker can do whatever they like on the system anyways. If someone has root on a box ... they have access to the DB ... with or without a password to begin with. Andy
