Home > mailing lists

Re: Poll on your LAPP Preferences - Mailing list pgsql-general

From	Alvaro Herrera
Subject	Re: Poll on your LAPP Preferences
Date	August 9, 2005 17:30:53
Msg-id	20050809172305.GC21039@alvh.no-ip.org Whole thread Raw
In response to	Poll on your LAPP Preferences ("Google Mike" <googlemike@hotpop.com>)
List	pgsql-general

Tree view

On Sat, Aug 06, 2005 at 07:59:06PM -0700, Google Mike wrote:
> As a PostgreSQL admin or developer, you may be asked to deploy a Linux
> Apache PHP PostgreSQL application. As you know, and simplifying things
> a great deal here, the pg_hba.conf file can be edited in approximately
> 7 different ways:
>
> * locked down -- no access at all (usually the default)
> * trust local access, any user
> * trust local access, specific users
> * trust remote access, any user
> * trust remote access, specific users

I'd never trust remote access, not even for specific IPs, out of fear
that somebody might be able to inject malicious commands using IP
spoofing.  SSL is a must in that situation.

--
Alvaro Herrera (<alvherre[a]alvh.no-ip.org>)
Y una voz del caos me habló y me dijo
"Sonríe y sé feliz, podría ser peor".
Y sonreí. Y fui feliz.
Y fue peor.

pgsql-general by date:

From: Alvaro Herrera
Date: 09 August 2005, 17:23:33
Subject: Re: [ADMIN] postgres & server encodings

From: Tom Lane
Date: 09 August 2005, 17:32:46
Subject: Re: [ADMIN] postgres & server encodings

Re: Poll on your LAPP Preferences - Mailing list pgsql-general

Previous

Next