Now that we are in beta, does someone want to tackle a "security"
section in the docs?
---------------------------------------------------------------------------
Dan Langille wrote:
> With reference to my post to the "PostgreSQL Password Cracker" on
> 2003-01-02, I've promised to write a security document for the project.
> Here it is, Sunday night, and I can't sleep. What better way to get there
> than start this task...
>
> My plan is to write this in very simple HTML. I will post the draft
> document on my website and post the URL here from time to time for
> feedback. Please make suggestions for content. So far, I will cover these
> items:
>
> - .pgpass (see
> http://developer.postgresql.org/docs/postgres/libpq-files.html)
> - local connections
> - remote connections (recommending SSL)
> - pg_hba (only in passing, most of that is at
> http://www.postgresql.org/idocs/index.php?client-authentication.html)
> - running the postmaster as a specific user
>
> That doesn't sound like much. Surely you can think of something else to
> add. Should I post this to another list for their views?
>
> OK, that's done it. I'm ready for sleep now.
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073