On 12/10/2015 2:03 PM, Adrian Klaver wrote:
So some aspect of this:
https://www.stigviewer.com/stig/database_security_requirements_guide/
thats a rather insane bunch of requirements. Reads like a wish list by
academic security researchers.
for instance
https://www.stigviewer.com/stig/database_security_requirements_guide/2015-06-23/finding/V-58123
??!? The database server has no clue about the difference between an
"application that it supports" and a user directly querying. The PSQL
shell, or dbadmin, is an 'application that it supports'.
at this point, speaking purely as a interested outsider (I am in no way
representing hte PG Development Group), I'd guess PostgreSQL probably
doesn't meet 2/3rds of those 'findings'. I truly wonder if any
standard RDBMS supports all or even most of them?!?
--
john r pierce, recycling bits in santa cruz
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
