"Albe Laurenz" <laurenz.albe@xxxxxxxxxx> writes:
> Here is my personal security checklist for PostgreSQL:
> - Check that there is no SQL function with SECURITY DEFINER.

Uh, that seems a pretty strange restriction. Generally, if you are actually concerned about security at the SQL-command level, you're going to have to have some SECURITY DEFINER functions. You can't build a Unix system without suid programs, either.

> - Check that pg_hba.conf forbids remote connections to use "password", "crypt" or "ident" authentication.

Most people think that remote "ident" is not very secure.

regards, tom lane

--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
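The pg_hba.conf item from the quoted checklist can be checked mechanically. The following Python is an added example, not part of the original thread or of PostgreSQL: it flags non-loopback `host`/`hostssl`/`hostnossl` rules that use `password`, `crypt` or `ident`. The function names and the sample file are constructed for illustration, and the parser is simplified (no quoted fields, no include directives).

```python
import ipaddress

# Methods the quoted checklist item wants forbidden for remote connections.
WEAK_REMOTE_METHODS = {"password", "crypt", "ident"}
HOST_TYPES = {"host", "hostssl", "hostnossl"}

def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def is_local_only(address, netmask=None):
    """True only if the address field covers nothing but loopback/this host."""
    if address == "samehost":
        return True
    try:
        spec = f"{address}/{netmask}" if netmask else address
        return ipaddress.ip_network(spec, strict=False).is_loopback
    except ValueError:
        return False  # hostname, "all", "samenet", odd mask: assume remote

def audit_pg_hba(text):
    """Return (line_no, address, method) for each remote rule using a weak method."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 5 or fields[0] not in HOST_TYPES:
            continue  # blank, comment, or "local" (Unix-socket) line
        address, rest = fields[3], fields[4:]
        netmask = None
        if len(rest) >= 2 and _is_ip(rest[0]):  # separate "IP-address IP-mask" form
            netmask, rest = rest[0], rest[1:]
        method = rest[0]
        if method in WEAK_REMOTE_METHODS and not is_local_only(address, netmask):
            findings.append((line_no, address, method))
    return findings

# Constructed sample file, not taken from the thread.
SAMPLE = """\
# TYPE  DATABASE  USER  ADDRESS            METHOD
local   all       all                      ident
host    all       all   127.0.0.1/32       password
host    all       all   192.168.1.0/24     md5
host    app       web   10.0.0.0 255.0.0.0 crypt
hostssl all       all   0.0.0.0/0          ident
host    all       all   ::1/128            ident
host    all       all   db.example.com     password
"""

if __name__ == "__main__":
    for finding in audit_pg_hba(SAMPLE):
        print("line %d: %s uses %r" % finding)
```

Addresses that cannot be parsed as a network (hostnames, `all`, `samenet`) are reported as remote, so the check errs toward flagging.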