public inbox for [email protected]
help / color / mirror / Atom feedFrom: Bruce Momjian <[email protected]>
To: Dan Langille <[email protected]>
Cc: PostgreSQL-documentation <[email protected]>
Subject: Re: [HACKERS] What goes into the security doc?
Date: Sat, 16 Aug 2003 22:13:26 -0400 (EDT)
Message-ID: <[email protected]> (raw)
In-Reply-To: <3F3EABA4.7982.1ADA889@localhost>
I would say any time before 7.4 final, which should be in 4-6 weeks.
---------------------------------------------------------------------------
Dan Langille wrote:
> Given I'm the smartass that volunteered in the first place, perhaps I
> should complete what I started.
>
> I work well with a deadline. When do you want this done?
>
> On 16 Aug 2003 at 12:41, Bruce Momjian wrote:
>
> > Now that we are in beta, does someone want to tackle a "security"
> > section in the docs?
> >
> >
> > ---------------------------------------------------------------------------
> >
> > Dan Langille wrote:
> > > With reference to my post to the "PostgreSQL Password Cracker" on
> > > 2003-01-02, I've promised to write a security document for the project.
> > > Here it is, Sunday night, and I can't sleep. What better way to get there
> > > than start this task...
> > >
> > > My plan is to write this in very simple HTML. I will post the draft
> > > document on my website and post the URL here from time to time for
> > > feedback. Please make suggestions for content. So far, I will cover these
> > > items:
> > >
> > > - .pgpass (see
> > > http://developer.postgresql.org/docs/postgres/libpq-files.html)
> > > - local connections
> > > - remote connections (recommending SSL)
> > > - pg_hba (only in passing, most of that is at
> > > http://www.postgresql.org/idocs/index.php?client-authentication.html)
> > > - running the postmaster as a specific user
> > >
> > > That doesn't sound like much. Surely you can think of something else to
> > > add. Should I post this to another list for their views?
> > >
> > > OK, that's done it. I'm ready for sleep now.
> > >
> > >
> > > ---------------------------(end of broadcast)---------------------------
> > > TIP 5: Have you checked our extensive FAQ?
> > >
> > > http://www.postgresql.org/users-lounge/docs/faq.html
> > >
> >
> > --
> > Bruce Momjian | http://candle.pha.pa.us
> > [email protected] | (610) 359-1001
> > + If your life is a hard drive, | 13 Roberts Road
> > + Christ can be your backup. | Newtown Square, Pennsylvania 19073
> >
>
>
> --
> Dan Langille : http://www.langille.org/
>
--
Bruce Momjian | http://candle.pha.pa.us
[email protected] | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
view thread (20+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: [HACKERS] What goes into the security doc?
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox