| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Dan Langille <dan(at)langille(dot)org> |
| Cc: | PostgreSQL-documentation <pgsql-docs(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] What goes into the security doc? |
| Date: | 2003-08-17 02:13:26 |
| Message-ID: | 200308170213.h7H2DQ726885@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs pgsql-hackers |
I would say any time before 7.4 final, which should be in 4-6 weeks.
---------------------------------------------------------------------------
Dan Langille wrote:
> Given I'm the smartass that volunteered in the first place, perhaps I
> should complete what I started.
>
> I work well with a deadline. When do you want this done?
>
> On 16 Aug 2003 at 12:41, Bruce Momjian wrote:
>
> > Now that we are in beta, does someone want to tackle a "security"
> > section in the docs?
> >
> >
> > ---------------------------------------------------------------------------
> >
> > Dan Langille wrote:
> > > With reference to my post to the "PostgreSQL Password Cracker" on
> > > 2003-01-02, I've promised to write a security document for the project.
> > > Here it is, Sunday night, and I can't sleep. What better way to get there
> > > than start this task...
> > >
> > > My plan is to write this in very simple HTML. I will post the draft
> > > document on my website and post the URL here from time to time for
> > > feedback. Please make suggestions for content. So far, I will cover these
> > > items:
> > >
> > > - .pgpass (see
> > > http://developer.postgresql.org/docs/postgres/libpq-files.html)
> > > - local connections
> > > - remote connections (recommending SSL)
> > > - pg_hba (only in passing, most of that is at
> > > http://www.postgresql.org/idocs/index.php?client-authentication.html)
> > > - running the postmaster as a specific user
> > >
> > > That doesn't sound like much. Surely you can think of something else to
> > > add. Should I post this to another list for their views?
> > >
> > > OK, that's done it. I'm ready for sleep now.
> > >
> > >
> > > ---------------------------(end of broadcast)---------------------------
> > > TIP 5: Have you checked our extensive FAQ?
> > >
> > > http://www.postgresql.org/users-lounge/docs/faq.html
> > >
> >
> > --
> > Bruce Momjian | http://candle.pha.pa.us
> > pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
> > + If your life is a hard drive, | 13 Roberts Road
> > + Christ can be your backup. | Newtown Square, Pennsylvania 19073
> >
>
>
> --
> Dan Langille : http://www.langille.org/
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2003-08-17 04:37:46 | Re: [BUGS] pg 7.4beta1 doc bug: vacuum not updated |
| Previous Message | Dan Langille | 2003-08-17 02:09:40 | Re: [HACKERS] What goes into the security doc? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 2003-08-17 02:41:39 | Re: [HACKERS] Are we losing momentum? |
| Previous Message | Dan Langille | 2003-08-17 02:09:40 | Re: [HACKERS] What goes into the security doc? |