Christopher Browne <cbbrowne@xxxxxxx> writes:
>> A recent article about an Oracle worm:
>> http://www.eweek.com/article2/0,1895,1880648,00.asp
>> got me wondering.

> PostgreSQL doesn't allow network access, by default, which more than
> makes up for that.

You would have to both alter postgresql.conf (to make the postmaster listen for anything except local connections) and alter pg_hba.conf to let people in.

Of course, if you were fool enough to set pg_hba.conf to allow "trust" connections from the whole net, you'd have a door open even wider than Oracle's. But I hope that's not common.

A worm can't be successful unless there's a fairly large population of vulnerable machines. I am sure that there are *some* PG installations out there that are wide open, but I doubt there are enough to make a worm viable.

			regards, tom lane
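
An audit sketch for the two settings the message above names, added here as an example and not part of the original post: it reports whether `listen_addresses` in postgresql.conf goes beyond loopback and which pg_hba.conf host rules grant `trust` to non-loopback addresses. The function names and the sample file contents are constructed for illustration.

```python
import ipaddress
import re
import shlex

HOST_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}
LOCAL_NAMES = {"localhost", "127.0.0.1", "::1", ""}

def listens_remotely(conf_text):
    """True if listen_addresses names anything beyond loopback (default: localhost)."""
    value = "localhost"
    for line in conf_text.splitlines():
        m = re.match(r"\s*listen_addresses\s*=?\s*'?([^'#]*)", line)
        value = m.group(1) if m else value  # last uncommented setting wins
    return any(a.strip() not in LOCAL_NAMES for a in value.split(","))

def trust_rules(hba_text):
    """Return (lineno, address, scope) for each non-loopback 'trust' host rule."""
    findings = []
    for lineno, raw in enumerate(hba_text.splitlines(), 1):
        f = shlex.split(raw, comments=True)
        if len(f) < 5 or f[0] not in HOST_TYPES:
            continue  # blank, comment, or 'local' (Unix-socket) rule
        addr, method = f[3], f[4]
        if len(f) > 5 and ("." in f[4] or ":" in f[4]):  # separate IP-mask column
            addr, method = f"{f[3]}/{f[4]}", f[5]
        if method != "trust" or addr == "samehost":
            continue
        try:
            net = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            net = None  # keyword (all, samenet), hostname, or unparsable: treat as remote
        if net is not None and net.is_loopback:
            continue
        wide = addr == "all" or (net is not None and net.prefixlen == 0)
        findings.append((lineno, addr, "whole-net" if wide else "remote"))
    return findings

# Constructed sample files (not from the original message).
SAMPLE_CONF = "#listen_addresses = 'localhost'\nlisten_addresses = '*'  # all interfaces\n"
SAMPLE_HBA = """\
local   all  all                          trust
host    all  all  127.0.0.1/32            trust
host    all  all  0.0.0.0/0               trust
host    app  app  10.0.0.0 255.255.255.0  trust
host    all  all  0.0.0.0/0               md5
"""

if __name__ == "__main__":
    print(listens_remotely(SAMPLE_CONF), trust_rules(SAMPLE_HBA))
```

A server is exposed in the way the message describes only when both checks fire: the postmaster listens beyond loopback and at least one `whole-net` trust rule is present.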