Re: Automating logins for mundane chores - Mailing list pgsql-general

From Ron Johnson
Subject Re: Automating logins for mundane chores
Date
Msg-id 46C7ACEC.2040503@cox.net
In response to Re: Automating logins for mundane chores  ("Phoenix Kiula" <phoenix.kiula@gmail.com>)
List pgsql-general
On 08/18/07 21:10, Phoenix Kiula wrote:
> On 18/08/07, Ron Johnson <ron.l.johnson@cox.net> wrote:
>>
>> On 08/18/07 06:02, Phoenix Kiula wrote:
>> [snip]
>>> Thanks for this. I am logged in as root. Put it there and it works. I
>> Well, that's your first problem.
>>
>> And second.  And third.
>
>
>
> Thanks for the kick in the derriere. Have set it all up to operate as
> user postgres. Or is that insecure too?

Whenever thinking about security, the question to ask yourself is:
am I doing anything which would make it easier for a Bad Guy to gain
access to my data or systems.  Then, do the opposite.

Examples:

Using a powerful account for mundane activities?  Use a mundane
account instead.  (As Joshua pointed out, "postgres" is a powerful
account.)

Sending important data over the wire (or worse, wireless) in clear
text?  Encrypt it.

Vulnerable to SQL injection attacks by sending fully formed SQL
statements across the wire?  Use prepared statements instead.

--
Ron Johnson, Jr.
Jefferson LA  USA

Give a man a fish, and he eats for a day.
Hit him with a fish, and he goes away for good!

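
The first and third points of the message above, sketched for PostgreSQL as an added example that is not part of the original post: a low-privilege role for a routine job, and a prepared statement whose parameters cannot alter the query. The role, database, table and column names (chore_runner, appdb, public.visits, visited_at, source) are hypothetical.

```sql
-- Added example; every object name here is hypothetical.

-- 1. Run once as an administrator: a mundane account for the chore.
--    It can log in, but is not a superuser and cannot create
--    databases or other roles.
CREATE ROLE chore_runner LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
-- Set its password with psql's \password chore_runner so the
-- clear-text value does not end up in shell history or server logs.

-- Grant only what the chore needs: read access to one table.
GRANT CONNECT ON DATABASE appdb TO chore_runner;
GRANT USAGE ON SCHEMA public TO chore_runner;
GRANT SELECT ON public.visits TO chore_runner;

-- Check the result: the attribute columns should all be false,
-- and the role should hold SELECT but not DELETE on the table.
SELECT rolname, rolsuper, rolcreatedb, rolcreaterole
  FROM pg_roles
 WHERE rolname = 'chore_runner';
SELECT has_table_privilege('chore_runner', 'public.visits', 'SELECT') AS can_select,
       has_table_privilege('chore_runner', 'public.visits', 'DELETE') AS can_delete;

-- 2. In the job's own session, connected as chore_runner:
--    the statement text is fixed when it is prepared, and $1 / $2
--    are typed parameters, not pieces of SQL.
PREPARE visits_since (timestamptz, text) AS
    SELECT count(*)
      FROM public.visits
     WHERE visited_at >= $1
       AND source = $2;

-- The second value contains a quote and a semicolon; it is compared
-- against the source column as plain data and changes nothing else.
EXECUTE visits_since ('2007-08-01', 'x''; DROP TABLE visits; --');

DEALLOCATE visits_since;
```

From application code, pass the values through the driver's parameter binding rather than concatenating them into the EXECUTE text, otherwise the injection risk simply moves to that string.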
