Don't forget to CC: the list!
L van der Walt wrote:
> Example: On a MS Windows Server with MS SQL Server. The administrator
> with the administrator username and password can not access the SQL
> server data. He also needs the SA username and password for the SQL
> server to do so. He can stop and start the server and so on but not
> access the data.
He might not be able to directly access the DB, but he can certainly
gain access to the raw data files/backups/passwords and gain access that
way.
> How do I secure a system in the same way with Linux and PostgreSQL.
Unix security is a big topic, but basically if someone has root access,
then they can gain access to anything on that machine.
However, you can make it harder by requiring passwords for PG and not
storing them on the machine (other than in their hashed form within the
database). Of course that means you'll need to supply a password for any
automatic tasks (e.g. autovacuum etc) which I don't see as being easy if
you don't store them on the same machine.
But basically, you need to be able to trust the person with the root
login - it is more powerful than a standard MS-Windows administrator
account. Do your administrators need root access?
--
Richard Huxton
Archonet Ltd