> A recent article about an Oracle worm: > http://www.eweek.com/article2/0,1895,1880648,00.asp > got me wondering. > Could a worm like this infect a PostgreSQL installation? > It seems to depend on default usernames and passwords - > and lazy DBAs, IMO. > Isn't it true that PostgreSQL doesn't have any default user/password? > Is this an issue we should be concerned about, at some level? PostgreSQL doesn't allow network access, by default, which more than makes up for that. -- "cbbrowne","@","cbbrowne.com" http://cbbrowne.com/info/slony.html "...Yet terrible as Unix addiction is, there are worse fates. If Unix is the heroin of operating systems, then VMS is barbiturate addiction, the Mac is MDMA, and MS-DOS is sniffing glue. (Windows is filling your sinuses with lucite and letting it set.) You owe the Oracle a twelve-step program." --The Usenet Oracle
