Re: What goes into the security doc?
От | Dan Langille |
---|---|
Тема | Re: What goes into the security doc? |
Дата | |
Msg-id | 3E310ED4.2715.5D39B3DB@localhost обсуждение исходный текст |
Ответ на | Re: What goes into the security doc? ("Christopher Kings-Lynne" <chriskl@familyhealth.com.au>) |
Список | pgsql-hackers |
On 22 Jan 2003 at 13:29, Christopher Kings-Lynne wrote: > Recommend always running "initdb -W" and setting all pg_hba entries to md5. Thanks. I also encountered this item on IRC: [09:26] <fede2> Guys, is there a problem with using /bin/true of /bin/false as the shell of the postgres user? The docs only says "adduser postgres" , witch will give postgres a nice shell. [09:27] <fede2> I'm asking because the guys from Gentoo (thats a distro FWIW), want to use either /bin/false of /bin/true as postgres' shell. [09:27] <dvl> fede2: it means you won't be able to become the postgres user to run commands. [09:27] <mmc_> ... to run SHELL commands. [09:29] <fede2> dvl: Aldo it's not the same, one could use "su -c foo postgres" to workarround it. [09:30] <fede2> dvl: I was wondering if it had an even heavier reason, besides that. [09:34] <mmc_> fede2: tha manpage of su says, that -c args is treated by the login shell ! [09:35] <fede2> mmc_: Hmm.. true. That makes it a heavy enough reason. Thanks. [09:35] * fede2 departs -- Dan Langille : http://www.langille.org/
В списке pgsql-hackers по дате отправления: