-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/18/07 21:10, Phoenix Kiula wrote: > On 18/08/07, Ron Johnson <ron.l.johnson@xxxxxxx> wrote: >> >> On 08/18/07 06:02, Phoenix Kiula wrote: >> [snip] >>> Thanks for this. I am logged in as root. Put it there and it works. I >> Well, that's your first problem. >> >> And second. And third. > > > > Thanks for the kick in the derierre. Have set it all up to operate as > user postgres. Or is that insecure too? Whenever thinking about security, the question to ask yourself is: am I doing anything which would make it easier for a Bad Guy to gain access to my data or systems. Then, do the opposite. Examples: Using a powerful account for mundane activities? Use a mundane account instead. (As Joshua pointed out, "postgres" is a powerful account.) Sending important data over the wire (or worse, wireless) in clear text? Encrypt it. Vulnerable to SQL injection attacks by sending fully formed SQL statements across the wire? Use prepared statements instead. - -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGx6zsS9HxQb37XmcRAndxAJ0YJ1mGQ1+erBsDuq3/iCN3q6ZcsgCgsVpd F0/q8sPWoWs4qgFhbP65NyM= =syP0 -----END PGP SIGNATURE----- ---------------------------(end of broadcast)--------------------------- TIP 2: Don't 'kill -9' the postmaster
