Peter Eisentraut wrote: > On 5/2/18 18:59, Ian Maddox wrote: > > It appears that the knowledge from that page has been redistributed > > across the manual in versions 8+, making it difficult to point to a > > single authoritative resource. I'm writing to request that a single > > section on security be revived in a future revision of the manual. > > I see where you are coming from. However, I think security concerns > exist in every aspect of the system. So as a user when I'm dealing > with operating system integration, or schema design, or backups, or > replication, or monitoring, etc., then I want to know about the > security concerns on that subject.
Curiously enough, we got a request on the Spanish list today https://www.postgresql.org/message-id/calhqua6tay+b+oh10oom24sank43quqovnozppdo5r6yq4e...@mail.gmail.com about a "hardening guide". I think it is not completely out of the question to have a separate slim section listing things to keep in mind in order to harden a PostgreSQL installation. It doesn't have to be terribly thorough -- rather it'd be mostly links to other places in the docs where detailed information about each element can be found. -- Álvaro Herrera https://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
