Re: [HACKERS] What goes into the security doc?

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Bruce Momjian <[email protected]>
To: Dan Langille <[email protected]>
Cc: PostgreSQL-documentation <[email protected]>
Subject: Re: [HACKERS] What goes into the security doc?
Date: Sat, 16 Aug 2003 12:41:57 -0400 (EDT)
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>


Now that we are in beta, does someone want to tackle a "security"
section in the docs?


---------------------------------------------------------------------------

Dan Langille wrote:
> With reference to my post to the "PostgreSQL Password Cracker" on
> 2003-01-02, I've promised to write a security document for the project.
> Here it is, Sunday night, and I can't sleep.  What better way to get there
> than start this task...
> 
> My plan is to write this in very simple HTML.  I will post the draft
> document on my website and post the URL here from time to time for
> feedback. Please make suggestions for content.  So far, I will cover these
> items:
> 
> - .pgpass (see
> http://developer.postgresql.org/docs/postgres/libpq-files.html)
> - local connections
> - remote connections (recommending SSL)
> - pg_hba (only in passing, most of that is at
> http://www.postgresql.org/idocs/index.php?client-authentication.html)
> - running the postmaster as a specific user
> 
> That doesn't sound like much.  Surely you can think of something else to
> add.  Should I post this to another list for their views?
> 
> OK, that's done it.  I'm ready for sleep now.
> 
> 
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
> 
> http://www.postgresql.org/users-lounge/docs/faq.html
> 

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  [email protected]               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

view thread (20+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected]
  Subject: Re: [HACKERS] What goes into the security doc?
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox