Re: Security note: MS SQL is current worm vector - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Security note: MS SQL is current worm vector
Date
Msg-id 4182.1006708422@sss.pgh.pa.us
In response to Re: Security note: MS SQL is current worm vector  (Lincoln Yeoh <lyeoh@pop.jaring.my>)
Responses Re: Security note: MS SQL is current worm vector
Re: Security note: MS SQL is current worm vector
List pgsql-hackers
Lincoln Yeoh <lyeoh@pop.jaring.my> writes:
> Yeah, by default Postgresql ships practically without any access controls.

It ain't *that* bad.  The default configuration is "no remote access,
period", even if you give -i in the postmaster switches.  True, there
are no local access controls by default, but unless someone ignores
the instructions and runs the postmaster as "bin" or another
quasi-privileged user, there's no way I can see to use the database to
break into root.  (Barring site security holes, which could be exploited
by any local user anyway.)

MS SQL's problem is that any remote attacker who can reach the machine
by TCP is instantly root, or whatever the equivalent concept is on NT.
If you don't have the server port firewalled you're a sitting duck.

I do wonder whether we shouldn't list "think about your access controls"
as an explicit step in the installation instructions or server startup
instructions.  The default configuration is definitely uncool on
multiuser machines, but a novice might not find that out till too late.

        regards, tom lane
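The "think about your access controls" step, as an added check that is not part of this thread or of PostgreSQL itself: a POSIX shell function that flags `trust` entries in a pg_hba.conf, i.e. rows that let a connection in with no credentials checked at all. It assumes the modern column layout (TYPE DATABASE USER [ADDRESS] METHOD), not the 2001-era file, and runs against a constructed sample.

```shell
#!/bin/sh
# Added example, not code from the thread: audit a pg_hba.conf for entries
# that grant access without authentication. Assumes the modern layout
# TYPE DATABASE USER [ADDRESS] METHOD (the 2001-era file differs).

# Constructed sample resembling a permissive default: local connections are
# trusted, so any local OS user can connect as any database role.
SAMPLE_HBA='# TYPE  DATABASE  USER  ADDRESS       METHOD
local   all       all                 trust
host    all       all   127.0.0.1/32  trust
host    all       all   10.0.0.0/8    md5
host    all       all   0.0.0.0/0     trust
'

# audit_hba FILE: prints one line per "trust" entry, returns 1 if any found.
# A trust row reachable from every address is reported as CRITICAL.
audit_hba() {
    _found=0
    while read -r type db user addr method; do
        case "$type" in ''|'#'*) continue ;; esac   # skip blanks/comments
        # "local" rows have no ADDRESS column: the 4th field is the method.
        if [ "$type" = local ]; then
            method=$addr; addr=-
        fi
        if [ "$method" = trust ]; then
            _found=1
            case "$addr" in
                0.0.0.0/0|::/0) echo "CRITICAL: trust open to every address ($type $db $user $addr)" ;;
                *)              echo "WARN: trust entry ($type $db $user $addr)" ;;
            esac
        fi
    done < "$1"
    return $_found
}

# count_trust FILE: number of trust entries, handy for scripted checks.
count_trust() { audit_hba "$1" | wc -l | tr -d ' '; }

# Demo against the constructed sample.
tmp=$(mktemp); printf '%s' "$SAMPLE_HBA" > "$tmp"
audit_hba "$tmp" || echo "risky entries found in $tmp"
rm -f "$tmp"
```

Replacing `trust` with a method that actually authenticates (a password method, or peer/ident for local sockets) is the fix the warning points at.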

