Re: Permission Denied When i am Trying to take Backup - Mailing list pgsql-admin

From Stuart Bishop
Subject Re: Permission Denied When i am Trying to take Backup
Date
Msg-id 254612A0-BF88-11D5-A4EF-000393031882@shangri-la.dropbear.id.au
In response to Re: Permission Denied When i am Trying to take Backup  ("postgresql" <pgsql@symcom.com>)
List pgsql-admin
On Friday, October 12, 2001, at 10:33  PM, postgresql wrote:
>
> Could someone create a post that shows who (user) should own
> what. I have always let postgres own the pgsql directory and I see
> that it is recommended that root own it.
>

The PostgreSQL processes should be run as an unprivileged user
(generally a user called 'postgres'). This user should have the minimal
rights to function, which in this case is write access to the data
directory. This is why the rest of PostgreSQL should be installed owned
by another user (generally root). This ensures that if the postgres user
account is compromised, the rights it gains an attacker are minimal. All
it can do is trash your database. If the PostgreSQL executables were
writable by the postgres user, an attacker could install a trojan (e.g.
a simple wrapper around pgsql) and compromise further accounts on the
system, eventually getting to root.

The truly paranoid mount whatever they can from a read-only file system
(e.g. CDROM or a network file system).

The same methodology should apply to all background services that do not
require being run as root. Even software which does require root privs
generally drops its privs as soon as possible (e.g. Apache).

--
Stuart Bishop <zen@shangri-la.dropbear.id.au>
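
An audit of the ownership rule described in the message above, added here as an example and not part of the original post: it walks an install prefix and reports every path the service account could alter, counting ownership itself as a finding because an owner can always restore the write bit. The function names, the demo tree and the uids used are constructed for illustration.

```python
import os
import stat
import tempfile


def finding(st, uid, gids):
    """Why the account (uid, gids) can alter a path with this lstat result, or None."""
    if st.st_uid == uid:
        return "owned by service account"   # an owner can always chmod +w
    if st.st_gid in gids and st.st_mode & stat.S_IWGRP:
        return "group-writable"
    if st.st_mode & stat.S_IWOTH:
        return "world-writable"             # reported for any account
    return None


def audit_install(prefix, uid, gids):
    """Return {relative path: reason} for everything under prefix the account can alter."""
    results = {}
    for dirpath, _dirs, files in os.walk(prefix):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue                    # link mode bits are not enforced
            why = finding(st, uid, gids)
            if why:
                results[os.path.relpath(path, prefix)] = why
    return results


def build_demo_tree():
    """Constructed sample layout: bin/postgres is sane, bin/psql is world-writable."""
    prefix = tempfile.mkdtemp(prefix="pg-demo-")
    os.mkdir(os.path.join(prefix, "bin"))
    os.chmod(os.path.join(prefix, "bin"), 0o755)
    for name, mode in (("postgres", 0o755), ("psql", 0o757)):
        path = os.path.join(prefix, "bin", name)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(path, mode)
    return prefix


if __name__ == "__main__":
    demo = build_demo_tree()
    me = os.getuid()
    # Installer = current user; service account = a different, constructed uid.
    print(audit_install(demo, uid=me + 1, gids=set()))
    # Same tree when the service account owns the install: every path is flagged.
    print(audit_install(demo, uid=me, gids=set()))
```

On a real host, the uid can come from pwd.getpwnam() for the service user and the gids from os.getgrouplist(); an empty result for the install prefix is the layout the message recommends.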

