From: "Dan Langille"
To: Bruce Momjian, PostgreSQL-documentation
Cc: PostgreSQL-documentation
Date: Sat, 30 Aug 2003 08:49:07 -0400
Subject: Re: [HACKERS] What goes into the security doc?

I've started. I'm wondering how much we need to cover here and how
much can be delegated to other sections of the documentation. Before
I get very far into this, I want to get some ideas as to what we need.

This is what I have so far:

http://www.freebsddiary.org/tmp/PostgreSQL-security.txt

cheers

On 16 Aug 2003 at 12:41, Bruce Momjian wrote:

> Now that we are in beta, does someone want to tackle a "security"
> section in the docs?
>
> ---------------------------------------------------------------------------
>
> Dan Langille wrote:
> > With reference to my post to the "PostgreSQL Password Cracker" on
> > 2003-01-02, I've promised to write a security document for the project.
> > Here it is, Sunday night, and I can't sleep. What better way to get there
> > than start this task...
> >
> > My plan is to write this in very simple HTML. I will post the draft
> > document on my website and post the URL here from time to time for
> > feedback. Please make suggestions for content. So far, I will cover these
> > items:
> >
> > - .pgpass (see
> >   http://developer.postgresql.org/docs/postgres/libpq-files.html)
> > - local connections
> > - remote connections (recommending SSL)
> > - pg_hba (only in passing, most of that is at
> >   http://www.postgresql.org/idocs/index.php?client-authentication.html)
> > - running the postmaster as a specific user
> >
> > That doesn't sound like much. Surely you can think of something else to
> > add. Should I post this to another list for their views?
> >
> > OK, that's done it. I'm ready for sleep now.
>
> --
>   Bruce Momjian                        |  http://candle.pha.pa.us
>   pgman@candle.pha.pa.us               |  (610) 359-1001
>   +  If your life is a hard drive,     |  13 Roberts Road
>   +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

--
Dan Langille : http://www.langille.org/