Re: Is there any such thing as PostgreSQL security on a hosted website? - Mailing list pgsql-general
| From | Henrik Steffen |
|---|---|
| Subject | Re: Is there any such thing as PostgreSQL security on a hosted website? |
| Date | |
| Msg-id | 014701c236ff$89d51a00$7100a8c0@topconcepts.net Whole thread Raw |
| In response to | Is there any such thing as PostgreSQL security on a hosted website? ("Scott Gammans" <nospam_deepgloat@yahoo.com>) |
| List | pgsql-general |
hi scott, in my opinion, if you really want to have security, you can't run a database in a shared environment. you should think about setting up a dedicated machine. even if there was no way to set the pg_hba.conf to TRUST, they could easily copy the whole db-root to a different machine and change the permission-settings there. your data isn't save at all, as long as anyone else has a root-pw to alter/copy/read the files. Mit freundlichem Gruß Henrik Steffen Geschäftsführer top concepts Internetmarketing GmbH Am Steinkamp 7 - D-21684 Stade - Germany -------------------------------------------------------- http://www.topconcepts.com Tel. +49 4141 991230 mail: steffen@topconcepts.com Fax. +49 4141 991233 -------------------------------------------------------- 24h-Support Hotline: +49 1908 34697 (EUR 1.86/Min,topc) -------------------------------------------------------- System-Partner gesucht: http://www.franchise.city-map.de -------------------------------------------------------- Handelsregister: AG Stade HRB 5811 - UstId: DE 213645563 -------------------------------------------------------- ----- Original Message ----- From: "Scott Gammans" <nospam_deepgloat@yahoo.com> To: <pgsql-general@postgresql.org> Sent: Friday, July 26, 2002 3:06 PM Subject: [GENERAL] Is there any such thing as PostgreSQL security on a hosted website? > (I know cross-posting is evil, but I'm not getting any responses over on the > .novice newsgroup, and I feel this is an important topic that needs > attention. Apologies in advance...) > > Summary: > > What is to stop a company that is hosting my > PostgreSQL-enabled website from changing my > pg_hba.conf file to "TRUST" so that they can go in and > snoop around my online PostgreSQL databases? > > Detail: > > My website is currently being hosted by a company that > includes 10 PostgreSQL databases, but they do not > allow me superuser access (the hosting company issues > me a PostgreSQL userid/password that does not have > "CREATEDB" privileges) and I am also on a shared > instance of PostgreSQL with other users (I can see > their userids from the phpPgAdmin tool). > > This seemed like an obvious security breach, so I > looked into another website hosting company that > offers a private instance of PostgreSQL, but they > still want to have superuser access to my databases so > that they can do things like vacuum the database. > They're willing to forgo superuser access for > themselves if I agree to pay for any support costs > that occur because they *don't* have such access, but > what is to stop them from altering the settings in > pg_hba.conf to "TRUST" so that they can go in and > snoop around my databases anyway? The answer is, > there's **nothing** to stop them from doing that, > right? > > Unless I am completely missing something, this "TRUST" > setting seems to be a gaping maw of a security hole. > And if that's true, there really isn't any point in > denying the new website host superuser access rights, > correct? And if THAT's true, I really can't use > PostgreSQL for anything private or sensitive (e.g., > storing customer credit card information), correct? > > Thanks... > > > > > > > ---------------------------(end of broadcast)--------------------------- > TIP 4: Don't 'kill -9' the postmaster
pgsql-general by date: