Skip site navigation (1) Skip section navigation (2)

Re: Re: Red Hat to support PostgreSQL

From: Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>
To: teg(at)redhat(dot)com (Trond Eivind Glomsrød ), "Steve Wolfe" <steve(at)iboats(dot)com>
Cc: <pgsql-general(at)postgresql(dot)org>
Subject: Re: Re: Red Hat to support PostgreSQL
Date: 2001-06-27 05:36:54
Message-ID: 3.0.5.32.20010627133654.014a7300@192.228.128.13 (view raw or flat)
Thread:
Lists: pgsql-general
At 07:00 PM 27-06-2001 -0400, Trond Eivind Glomsrød wrote:
>"Steve Wolfe" <steve(at)iboats(dot)com> writes:
>
>> > Previous to version 7.1, RHL wasn't very secure by default.  This is one
>> of
>> > the most common complaints I hear.  7.1 can be made quite secure out of
>> the
>> > box without any special config -- just leave the firewall config at the
>> > default of 'HIGH' -- of course, I've now heard complaints that it is then
>> > 'too secure' :-).
>> 
>>   Myself, I'd prefer that they'd just leave the insecure services off by
>> default, rather than using a firewall as a "band-aid". ; )
>
>ALmost all services are off as well. Openssh is on, sendmail is on
>(but only accepts connects from the local machine), portmap is on and
>that's about it.

Why openssh, portmap and sendmail?

I'm not familiar with RH7 and later, but the older redhat's distros had way
too much on by default. I have to keep turning off inetd.

Still I use RH coz I can't be bothered to keep tweaking my kernel for
development servers (I still tweak for the firewall). The max process/users
and other similar default settings from www.linux.org just don't cut it.

Cheerio,
Link.


In response to

Responses

pgsql-general by date

Next:From: Joshua Adam GinsbergDate: 2001-06-27 05:49:20
Subject: Complicated query... is there a simpler way?
Previous:From: Philip MolterDate: 2001-06-27 04:58:56
Subject: Re: Weird error

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group