| From: | "Dan Langille" <dan(at)langille(dot)org> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, PostgreSQL-documentation <pgsql-docs(at)postgresql(dot)org> |
| Cc: | PostgreSQL-documentation <pgsql-docs(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] What goes into the security doc? |
| Date: | 2003-08-30 12:49:07 |
| Message-ID: | 3F506503.25957.2E3E1BF3@localhost |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs pgsql-hackers |
I've started. I'm wondering how much we need to cover here and how
much can be delegated to other sections of the documentation. Before
I get very far into this, I want to get some ideas as to what we
need.
This is what I have so far:
http://www.freebsddiary.org/tmp/PostgreSQL-security.txt
cheers
On 16 Aug 2003 at 12:41, Bruce Momjian wrote:
>
> Now that we are in beta, does someone want to tackle a "security"
> section in the docs?
>
>
> ---------------------------------------------------------------------------
>
> Dan Langille wrote:
> > With reference to my post to the "PostgreSQL Password Cracker" on
> > 2003-01-02, I've promised to write a security document for the project.
> > Here it is, Sunday night, and I can't sleep. What better way to get there
> > than start this task...
> >
> > My plan is to write this in very simple HTML. I will post the draft
> > document on my website and post the URL here from time to time for
> > feedback. Please make suggestions for content. So far, I will cover these
> > items:
> >
> > - .pgpass (see
> > http://developer.postgresql.org/docs/postgres/libpq-files.html)
> > - local connections
> > - remote connections (recommending SSL)
> > - pg_hba (only in passing, most of that is at
> > http://www.postgresql.org/idocs/index.php?client-authentication.html)
> > - running the postmaster as a specific user
> >
> > That doesn't sound like much. Surely you can think of something else to
> > add. Should I post this to another list for their views?
> >
> > OK, that's done it. I'm ready for sleep now.
> >
> >
> > ---------------------------(end of broadcast)---------------------------
> > TIP 5: Have you checked our extensive FAQ?
> >
> > http://www.postgresql.org/users-lounge/docs/faq.html
> >
>
> --
> Bruce Momjian | http://candle.pha.pa.us
> pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
> + If your life is a hard drive, | 13 Roberts Road
> + Christ can be your backup. | Newtown Square, Pennsylvania 19073
>
--
Dan Langille : http://www.langille.org/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2003-08-30 14:15:39 | Re: [HACKERS] What goes into the security doc? |
| Previous Message | Bruce Momjian | 2003-08-30 04:52:59 | Re: Automatic documentation spell check |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff | 2003-08-30 13:08:51 | Re: Selecting random rows efficiently |
| Previous Message | Hans-Jürgen Schönig | 2003-08-30 12:12:21 | Is it a memory leak in PostgreSQL 7.4beta? |