Tom Lane wrote:
Michael Fuhr <[EMAIL PROTECTED]> writes:
A message entitled "Having Fun With PostgreSQL" was posted to Bugtraq
today.  I haven't read through the paper yet so I don't know if the
author discusses security problems that need attention or if the
article is more like a compilation of "Stupid PostgreSQL Tricks."

It appears he's discovered the astonishing facts that

1. The out-of-the-box authentication setup is "trust".
2. A superuser can make the database do whatever he wants (within
   the OS privilege limits of the postgres user).

We've debated #1 before, and a lot of repackagers change it, but I
don't really feel a strong urge to change it in the source distro.
As for #2, that's not a bug, it's intended behavior.

On #1, the fact that we allow trust as default is embarrassing. It would be just as bad as having the default root password be password on a linux box. We should be using md5 and force passing the password with initdb.


Joshua D. Drake

                        regards, tom lane

PS: I skimmed the paper pretty fast, so it's possible I missed
something interesting, but it sure looked like "what else is new?"

---------------------------(end of broadcast)---------------------------
TIP 7: You can help support the PostgreSQL project by donating at



      === The PostgreSQL Company: Command Prompt, Inc. ===
Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240
Providing the most comprehensive  PostgreSQL solutions since 1997

Donate to the PostgreSQL Project:
PostgreSQL Replication:

---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
      subscribe-nomail command to [EMAIL PROTECTED] so that your
      message can get through to the mailing list cleanly

Reply via email to