Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] What goes into the security doc?

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Dan Langille <dan(at)langille(dot)org>
Cc: PostgreSQL-documentation <pgsql-docs(at)postgresql(dot)org>
Subject: Re: [HACKERS] What goes into the security doc?
Date: 2003-08-17 02:13:26
Message-ID: 200308170213.h7H2DQ726885@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-docspgsql-hackers
I would say any time before 7.4 final, which should be in 4-6 weeks.

---------------------------------------------------------------------------

Dan Langille wrote:
> Given I'm the smartass that volunteered in the first place, perhaps I 
> should complete what I started.
> 
> I work well with a deadline.  When do you want this done?
> 
> On 16 Aug 2003 at 12:41, Bruce Momjian wrote:
> 
> > Now that we are in beta, does someone want to tackle a "security"
> > section in the docs?
> > 
> > 
> > ---------------------------------------------------------------------------
> > 
> > Dan Langille wrote:
> > > With reference to my post to the "PostgreSQL Password Cracker" on
> > > 2003-01-02, I've promised to write a security document for the project.
> > > Here it is, Sunday night, and I can't sleep.  What better way to get there
> > > than start this task...
> > > 
> > > My plan is to write this in very simple HTML.  I will post the draft
> > > document on my website and post the URL here from time to time for
> > > feedback. Please make suggestions for content.  So far, I will cover these
> > > items:
> > > 
> > > - .pgpass (see
> > > http://developer.postgresql.org/docs/postgres/libpq-files.html)
> > > - local connections
> > > - remote connections (recommending SSL)
> > > - pg_hba (only in passing, most of that is at
> > > http://www.postgresql.org/idocs/index.php?client-authentication.html)
> > > - running the postmaster as a specific user
> > > 
> > > That doesn't sound like much.  Surely you can think of something else to
> > > add.  Should I post this to another list for their views?
> > > 
> > > OK, that's done it.  I'm ready for sleep now.
> > > 
> > > 
> > > ---------------------------(end of broadcast)---------------------------
> > > TIP 5: Have you checked our extensive FAQ?
> > > 
> > > http://www.postgresql.org/users-lounge/docs/faq.html
> > > 
> > 
> > -- 
> >   Bruce Momjian                        |  http://candle.pha.pa.us
> >   pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 359-1001
> >   +  If your life is a hard drive,     |  13 Roberts Road
> >   +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
> > 
> 
> 
> -- 
> Dan Langille : http://www.langille.org/
> 

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

In response to

pgsql-docs by date

Next:From: Bruce MomjianDate: 2003-08-17 04:37:46
Subject: Re: [BUGS] pg 7.4beta1 doc bug: vacuum not updated
Previous:From: Dan LangilleDate: 2003-08-17 02:09:40
Subject: Re: [HACKERS] What goes into the security doc?

pgsql-hackers by date

Next:From: Jan WieckDate: 2003-08-17 02:41:39
Subject: Re: [HACKERS] Are we losing momentum?
Previous:From: Dan LangilleDate: 2003-08-17 02:09:40
Subject: Re: [HACKERS] What goes into the security doc?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group