Home > mailing lists

Re: Loggingt psql meta-commands - Mailing list pgsql-general

From	John R Pierce
Subject	Re: Loggingt psql meta-commands
Date	December 11, 2015 01:52:53
Msg-id	566A0236.3010301@hogranch.com Whole thread Raw
In response to	Re: Loggingt psql meta-commands (Adrian Klaver <adrian.klaver@aklaver.com>)
Responses	Re: Loggingt psql meta-commands (oleg yusim <olegyusim@gmail.com>) Re: Loggingt psql meta-commands (Andrew Sullivan <ajs@crankycanuck.ca>)
List	pgsql-general

Tree view

On 12/10/2015 2:03 PM, Adrian Klaver wrote:
>
> So some aspect of this:
>
> https://www.stigviewer.com/stig/database_security_requirements_guide/

thats a rather insane bunch of requirements.   Reads like a wish list by
academic security researchers.

for instance
https://www.stigviewer.com/stig/database_security_requirements_guide/2015-06-23/finding/V-58123

??!?   The database server has no clue about the difference between an
"application that it supports" and a user directly querying.  The PSQL
shell, or dbadmin, is an 'application that it supports'.

at this point, speaking purely as a interested outsider (I am in no way
representing hte PG Development Group), I'd guess PostgreSQL probably
doesn't meet 2/3rds of those 'findings'.   I truly wonder if any
standard RDBMS supports all or even most of them?!?

--
john r pierce, recycling bits in santa cruz

pgsql-general by date:

From: Adrian Klaver
Date: 11 December 2015, 01:46:16
Subject: Re: Loggingt psql meta-commands

From: oleg yusim
Date: 11 December 2015, 01:58:56
Subject: Re: Loggingt psql meta-commands

Re: Loggingt psql meta-commands - Mailing list pgsql-general

Previous

Next