Home > mailing lists

Re: Oracle DB Worm Code Published - Mailing list pgsql-general

From	Christopher Browne
Subject	Re: Oracle DB Worm Code Published
Date	January 7, 2006 17:38:30
Msg-id	m3lkxryk7y.fsf@mobile.int.cbbrowne.com Whole thread Raw
In response to	Oracle DB Worm Code Published (TJ O'Donnell <tjo@acm.org>)
Responses	Re: Oracle DB Worm Code Published (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-general

Tree view

> A recent article about an Oracle worm:
> http://www.eweek.com/article2/0,1895,1880648,00.asp
> got me wondering.
> Could a worm like this infect a PostgreSQL installation?
> It seems to depend on default usernames and passwords -
> and lazy DBAs, IMO.
> Isn't it true that PostgreSQL doesn't have any default user/password?
> Is this an issue we should be concerned about, at some level?

PostgreSQL doesn't allow network access, by default, which more than
makes up for that.
--
"cbbrowne","@","cbbrowne.com"
http://cbbrowne.com/info/slony.html
"...Yet terrible as Unix addiction  is, there are worse fates. If Unix
is the heroin of operating systems, then VMS is barbiturate addiction,
the Mac is MDMA, and MS-DOS is sniffing glue. (Windows is filling your
sinuses  with  lucite and  letting  it set.)   You  owe  the Oracle  a
twelve-step program."  --The Usenet Oracle

pgsql-general by date:

From: "Jonel Rienton"
Date: 07 January 2006, 17:10:49
Subject: Re: The connection is dead

From: Gregory Youngblood
Date: 07 January 2006, 17:42:05
Subject: Re: E-mail harvesting on PG lists?

Re: Oracle DB Worm Code Published - Mailing list pgsql-general

Previous

Next