X-Original-To: pgsql-docs-postgresql.org@localhost.postgresql.org Received: from localhost (unknown [64.117.224.130]) by svr1.postgresql.org (Postfix) with ESMTP id 1C3BED1B56B for ; Sat, 30 Aug 2003 17:47:40 +0000 (GMT) Received: from svr1.postgresql.org ([64.117.224.193]) by localhost (neptune.hub.org [64.117.224.130]) (amavisd-new, port 10024) with ESMTP id 49284-04 for ; Sat, 30 Aug 2003 14:47:30 -0300 (ADT) Received: from candle.pha.pa.us (momjian.navpoint.com [207.106.42.251]) by svr1.postgresql.org (Postfix) with ESMTP id 5ADC1D1B8B5 for ; Sat, 30 Aug 2003 14:47:28 -0300 (ADT) Received: (from pgman@localhost) by candle.pha.pa.us (8.11.6/8.11.6) id h7UHlJU18908; Sat, 30 Aug 2003 13:47:19 -0400 (EDT) From: Bruce Momjian Message-Id: <200308301747.h7UHlJU18908@candle.pha.pa.us> Subject: Re: [HACKERS] What goes into the security doc? In-Reply-To: <3F5091EE.14330.2EED9222@localhost> To: Dan Langille Date: Sat, 30 Aug 2003 13:47:19 -0400 (EDT) Cc: Peter Eisentraut , PostgreSQL-documentation X-Mailer: ELM [version 2.4ME+ PL106 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Virus-Scanned: by amavisd-new at postgresql.org X-Archive-Number: 200308/94 X-Sequence-Number: 1954 Dan Langille wrote: > On 30 Aug 2003 at 17:37, Peter Eisentraut wrote: > > > Dan Langille writes: > > > > > It has already been decided that we need something. > > > > Please point me to where this has been decided. > > I'm sure you can google as well I can can. The original message in > this thread referred to "PostgreSQL Password Cracker" posted on 2003- > 01-02. You could also search for the subject of this message. When > you find those you'll see that such a section was suggested. I took > up the task, suggested some content. Then it lingered and was > brought up again recently. Your objections are the first. > > I can't see why you, or anyone for that matter, can possibly object > to a section titled security which points to the relevent components > and parts within the documentation. As previously stated, what I have > posted is a starting point. > > You aren't being asked to do the work. Why do you care if someone > else does it? You may not need such documentation, but it will be > useful to many. I don't think we "decided" to add it, but no one has objected to the idea, except Peter recently. Does it make sense to have a security overview section in the documentation? -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073