Home > mailing lists

Re: Security Concerns over User 'postgres' - Mailing list pgsql-admin

From	Tom Lane
Subject	Re: Security Concerns over User 'postgres'
Date	September 22, 2006 19:08:36
Msg-id	9540.1158952105@sss.pgh.pa.us Whole thread Raw
In response to	Security Concerns over User 'postgres' ("Lane Van Ingen" <lvaningen@esncc.com>)
Responses	Re: Security Concerns over User 'postgres' Re: Security Concerns over User 'postgres'
List	pgsql-admin

Tree view

"Lane Van Ingen" <lvaningen@esncc.com> writes:
> We created our PostgreSQL instance by compiling it from source, and the
> instance is working just fine. User postgres runs the service; we do not
> know what the password is, and we think it got created automatically by the
> compile / install process.

Are you sure it even *has* a password?  In the default RPM installation,
user postgres is created without any password --- the only way to become
postgres is to su there from root, and if you've got root you hardly
need to crack into postgres.

            regards, tom lane

pgsql-admin by date:

From: "Lane Van Ingen"
Date: 22 September 2006, 18:48:34
Subject: Security Concerns over User 'postgres'

From: "Marcelo Costa"
Date: 22 September 2006, 19:38:09
Subject: Re: Security Concerns over User 'postgres'

Re: Security Concerns over User 'postgres' - Mailing list pgsql-admin

Previous

Next