> A recent article about an Oracle worm:
> http://www.eweek.com/article2/0,1895,1880648,00.asp
> got me wondering.
> Could a worm like this infect a PostgreSQL installation?
> It seems to depend on default usernames and passwords -
> and lazy DBAs, IMO.
> Isn't it true that PostgreSQL doesn't have any default user/password?
> Is this an issue we should be concerned about, at some level?
PostgreSQL doesn't allow network access, by default, which more than
makes up for that.
--
"cbbrowne","@","cbbrowne.com"
http://cbbrowne.com/info/slony.html
"...Yet terrible as Unix addiction is, there are worse fates. If Unix
is the heroin of operating systems, then VMS is barbiturate addiction,
the Mac is MDMA, and MS-DOS is sniffing glue. (Windows is filling your
sinuses with lucite and letting it set.) You owe the Oracle a
twelve-step program." --The Usenet Oracle