Re: Postgresql -- initial impressions and comments

scott.marlowe <scott.marlowe@ihs.com>

From: "scott.marlowe" <scott.marlowe@ihs.com>
To: <wsheldah@lexmark.com>
Cc: "j.random.programmer" <javadesigner@yahoo.com>, <pgsql-general@postgresql.org>
Date: 2002-12-04T23:13:58Z
Lists: pgsql-general
On Wed, 4 Dec 2002 wsheldah@lexmark.com wrote:

> 
> Thanks for your summary and very constructive criticism. I've also found
> the postgresql community to be very helpful and supportive. (Thanks
> everyone!)
> 
> I want to add something with regard to security and running as root.
> First, if postgresql runs as root and is bound to an internal interface,
> someone getting root access to the box through a postgresql exploit would
> have access to everything on that box, including other interfaces. Second,
> many security threats and attacks are launched from within companies, or
> from within corporate firewalls. You need to guard against these as well.
> This could happen either because an employee or contractor decides to work
> against the company for whatever reason, or because another box on the LAN
> is compromised from outside, and is then used to attack other servers
> within the LAN. You can never have too many layers of security, especially
> when you get an extra layer for the low low price of adding another user
> and group. :-)

also, think of a mistake with the copy command:

copy table to /etc/passwd;
or
copy table to /dev/hda;

As postgres, no big deal.  Access denied.  As root, kaboom.