Search Postgresql Archives

Re: Automating logins for mundane chores

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/18/07 21:10, Phoenix Kiula wrote:
> On 18/08/07, Ron Johnson <ron.l.johnson@xxxxxxx> wrote:
>>
>> On 08/18/07 06:02, Phoenix Kiula wrote:
>> [snip]
>>> Thanks for this. I am logged in as root. Put it there and it works. I
>> Well, that's your first problem.
>>
>> And second.  And third.
> 
> 
> 
> Thanks for the kick in the derierre. Have set it all up to operate as
> user postgres. Or is that insecure too?

Whenever thinking about security, the question to ask yourself is:
am I doing anything which would make it easier for a Bad Guy to gain
access to my data or systems.  Then, do the opposite.

Examples:

Using a powerful account for mundane activities?  Use a mundane
account instead.  (As Joshua pointed out, "postgres" is a powerful
account.)

Sending important data over the wire (or worse, wireless) in clear
text?  Encrypt it.

Vulnerable to SQL injection attacks by sending fully formed SQL
statements across the wire?  Use prepared statements instead.

- --
Ron Johnson, Jr.
Jefferson LA  USA

Give a man a fish, and he eats for a day.
Hit him with a fish, and he goes away for good!

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGx6zsS9HxQb37XmcRAndxAJ0YJ1mGQ1+erBsDuq3/iCN3q6ZcsgCgsVpd
F0/q8sPWoWs4qgFhbP65NyM=
=syP0
-----END PGP SIGNATURE-----

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux