Re: postgres authentication question - Mailing list pgsql-novice

From Jim Nasby
Subject Re: postgres authentication question
Date
Msg-id 34ADDADB-8453-440C-8C2F-7541C060E162@decibel.org
Whole thread Raw
In response to postgres authentication question  (Tom Allison <tallison@tacocat.net>)
List pgsql-novice
On Nov 18, 2006, at 8:36 AM, Tom Allison wrote:
> I'm putting a postgresql installation into my DMZ and want to make
> sure I have an understanding of what makes sense and what does not
> in terms of security.

IF you're only using ident with ident servers you can trust (ie:
localhost), then I can't think of any security issue with using it.
For someone to spoof ident credentials on localhost you either have
to allow them to do it (some identd's support that, but most I've
seen turn it off by default), or they'd have to compromise your
identd. And if they can compromise your identd on the database
server, you're pretty much hosed anyway.
--
Jim Nasby                                            jim@nasby.net
EnterpriseDB      http://enterprisedb.com      512.569.9461 (cell)



pgsql-novice by date:

Previous
From: Jim Nasby
Date:
Subject: Re: Benchmarking PostgreSQL against others on Windows?
Next
From: Jim Nasby
Date:
Subject: Re: Benchmarking PostgreSQL against others on Windows?