Re: Securing Postgres - Mailing list pgsql-general

From Berend Tober
Subject Re: Securing Postgres
Date
Msg-id 4343E1FE.2030202@seaworthysys.com
Whole thread Raw
In response to Securing Postgres  (L van der Walt <mailing@lani.co.za>)
Responses Re: Securing Postgres
Re: Securing Postgres
List pgsql-general
L van der Walt wrote:

> I would like to secure Postgres completly.
>
> Some issues that I don't know you to fix:
> 1.  User postgres can use psql (...) to do anything.
> 2.  User root can su to postgres and thus do anything.
> 3. Disable all tools like pg_dump
>
> How do I secure a database if I don't trust the administrators.
> The administrator will not break the db but they may not view
> any information in the databse.

It may be just me and my silly old-fashion attitudes, but I kind of
think that if your sys admin(s) cannot be trusted, you are pretty much
screwed. And your hiring process needs fixing,

But being that as it may, maintaining physical security, i.e., keeping
the host server in a locked room with restricted and recorded access and
that requires at least two persons present so that collusion is required
for tampering, disabling remote root login, granting limited sys admin
privileges with sudo (which records the sudoer activities, for auditing
purposes) might be a way to accomplish what you are looking for.


pgsql-general by date:

Previous
From: Richard Huxton
Date:
Subject: Re: Securing Postgres
Next
From: Devrim GUNDUZ
Date:
Subject: Re: 8.0.1 SRPM on RHEL v.3