On 06/08/2018 04:34 PM, Steve Atkins wrote:
> I've noticed a steady trickle of reports of postgresql servers being compromised via being left available to the
internetwith insecure or default configuration, or brute-forced credentials. The symptoms are randomly named binaries
beinguploaded to the data directory and executed with the permissions of the postgresql user, apparently via an
extensionor an untrusted PL.
>
> Is anyone tracking or investigating this?
>
Please cite actual instances of such reports. Vague queries like this
help nobody.
Furthermore, security concerns are best addressed to the security
mailing list.
cheers
andrew
--
Andrew Dunstan https://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services