"Albe Laurenz" <[email protected]> writes:
> Here is my personal security checklist for PostgreSQL:
> - Check that there is no SQL function with SECURITY DEFINER.
Uh, that seems a pretty strange restriction. Generally, if you are
actually concerned about security at the SQL-command level, you're
going to have to have some SECURITY DEFINER functions. You can't
build a Unix system without suid programs, either.
> - Check that pg_hba.conf forbids remote connections to use "password",
> "crypt" or "ident" authentication.
Most people think that remote "ident" is not very secure.
regards, tom lane
--
Sent via pgsql-general mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
