Re: security question

Bruno Wolff III <bruno@wolff.to>

From: Bruno Wolff III <bruno@wolff.to>
To: "zuhans@iname.com" <zuhans@iname.com>
Cc: pgsql-general@postgresql.org
Date: 2004-05-11T18:32:40Z
Lists: pgsql-general
On Tue, May 11, 2004 at 20:09:46 +0200,
  "zuhans@iname.com" <zuhans@iname.com> wrote:
> 
> i'm very new to postgres and have a fundamental question.
> how do i make a pg-db most secure?
> i feel, that pg_user e.g. ist something very dangerous - isn't it? if 
> someone hacks into a db, then he has lots of information at his/her 
> fingertips. is this so?
> 
> what do i do to prevent my db from beeing hacked?

If you don't need to provide direct access to the database from remote
hosts, only allow connections using domain sockets.