On Tue, 11 May 2004, zuhans@iname.com wrote: > hello, > > i'm very new to postgres and have a fundamental question. > how do i make a pg-db most secure? > i feel, that pg_user e.g. ist something very dangerous - isn't it? if > someone hacks into a db, then he has lots of information at his/her > fingertips. is this so? > > what do i do to prevent my db from beeing hacked? Hiding what is in pg_user (note the password field is blanked out) would qualify as obscurity, not security. Security is provided by things like checking the connection libraries postgresql uses to make sure there are no buffer overflows or that things that would let a user gain unauthorized access are not in place. This topic comes up about once every three months, with someone thinking that being able to see the database schema represents a security threat. obscurity <> security PostgreSQL is, as far as I've been able to ascertain, quite secure, as long as you've configured it properly. For instance, having authentication set to trust means that anyone can become anyone else. That's fine if you and two other dbas are the only people who connect to the machine, but in an environment were hundreds of users may be using the database cluster, you can't rely on trust anymore, and have to go to md5 passwords or ident authentication. Forcing users to connect via SSL with md5 passwords is generally considered the most secure method for connections. What a user can see of the rest of the database is not a security issue, though in an environment with thousands of users, it could be a usability issue, where someone has to look through hundreds and hundreds of tables to find their own. Which is why seperate databases and / or schemas are often used. But in general, PostgreSQL is very well designed and quite secure. ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
