Hi Depesz, thank you. Most of your suggestions are in our plans. We plan to grant only the necessary rights, filtering explicit IP addresses and so on. We are going to consider applying a VPN. Also we are going to consider logging all the querie executed by the server. You mentioned that pg8 provides some functions regarding this. Where to serch for more info? How thay name this feature? Many thanks, -- Csaba -----Original Message----- From: hubert depesz lubaczewski [mailto:depesz@xxxxxxxxx] Sent: Monday, June 20, 2005 7:58 PM To: Együd Csaba Cc: pgsql-general@xxxxxxxxxxxxxx Subject: Re: Making the DB secure On 6/17/05, Együd Csaba <csegyud@xxxxxxx> wrote: > Hi, <snip> couple of things: 1. make sure postgresql is in a very tight chroot environment. without shell or anything else. 2. make sure you have list of all client ips, and use firewall to allow them, and only them to access postgresql port. all other connections should be rejected on firewall level, not application level!. 3. accept connections only through ssl (as for what you need - both client and server has to be build and linked agains openssl library). 4. if above is not possible - enforce usage of vpn. i would suggest openvpn - it's much easier to setup then ipsec based vpns, and yet it still holds all security measures. 5. define unique users inside of database for each real user. give them only the rights they need to have - not even a single "SELECT" more. 6. when possible - revoke select access to tables, grant select access to views 7. when possible - revoke all access to tables, grant execute access to functions which will be modifying database (just define them with "security definer" flag). 8. log all queries to files. with postgresql 8 it's easier then it ever was. dont log through syslog! 9. log all system activities - you can use grsecurity patches for extended auditing. 10. using grsecurity or selinux or lids or ... - block unnecessary accesses on system level (acls) 11. pray. this is what we do commercially, and as for now - it works great. best regards, depesz -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.7.7/20 - Release Date: 2005.06.16. -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.7.7/20 - Release Date: 2005.06.16. ---------------------------(end of broadcast)--------------------------- TIP 6: Have you searched our list archives? http://archives.postgresql.org