Re: Anyone can create tables! - Mailing list pgsql-general

From Chris Humphries
Subject Re: Anyone can create tables!
Date
Msg-id 20010311114116.A25934@mail.com
Whole thread Raw
In response to Anyone can create tables!  (Dan McGrath <dmcgrath19@home.com>)
List pgsql-general
mmm, i think this is getting out of hand. I told you on irc that a db
should be more conserned with being a db than a security policy of
people accessing it. It sounds to me like you need to set up your network
different and the security policies around this db(s).

I mean only certian ip's should even be able to route to the box to begin
with. why would you even let anyone access a db box in the first place?!
this is just silly to me. and never, ever leave a db box open to the outside
world, it should be hiding behind some firewall(s depending on your company)
and not be routeable except by certian static internal ips.

now if after this you have a problem, then people accessing the static ip
boxes and/or spoofing the ip from another box, that is another problem that
has nothing to do with postgresql at all.

i dont even see why this should be on the list.

yes all this security built into the db would be handy, but i'd rather they
work on it just working and being compliant with standards, and keeping good
data integrity and not crashing under heavy loads etc...

anyways, i'm spend *gasping for air*,

Chris Humphries
Systems Administrator and DBA
CD3 Storage Systems

pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: Strange Message
Next
From: "Richard Huxton"
Date:
Subject: Re: how do i create trigger with params?