Re: [HACKERS] What goes into the security doc?

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Dan Langille <dan(at)langille(dot)org>, PostgreSQL-documentation <pgsql-docs(at)postgresql(dot)org>
Subject: Re: [HACKERS] What goes into the security doc?
Date: 2003-08-31 09:55:14
Message-ID: Pine.LNX.4.44.0308311126090.1119-100000@peter.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-docs pgsql-hackers

Tom Lane writes:

> As I think Peter is trying to point out, you could almost get the same
> result just by having a fat index entry under "security", but I think
> people are more likely to notice a chapter or section in the Admin Guide
> with such a title. Also, once we have such a chapter, we might find it
> reads more naturally to move some of the existing discussions into it,
> leaving only a cross-reference where the material is now.

These are the topics that Dan has identified so far:

file security
database users and privileges
client authentication
libpq password files
external libraries

It makes no sense to put all these topics into one chapter, because they
have nothing in common (except "security"): they apply in different stages
of PostgreSQL use, they are managed by different programs and
environments, and they affect different people.

From that point of view, we already have security documentation:

The chapter "Server Run-time Environment" (currently ch.16) covers
security aspects for system administrators when setting up a server.

The chapter "Database Users and Privileges" (ch. 17) covers security
aspects for database administrators on the SQL level.

The chapter "Client Authentication" (ch. 18) covers security aspects
covers security aspects for database/system administrators with file
system access (depends on local policies who does that).

The section "libpq"/"The Password File" covers one particular aspect of
security of libpq applications. (There are certainly more interesting
security aspects with libpq applications. The password file is pretty
uninteresting, because if you don't secure it it's ignored anyway.)

Note that chapters 17 and 18 are exclusively dedicated to security -- you
can't even claim to miss it in the other material, and unless you don't
know what "privileges" and "authentication" are, you can't even miss them
in the table of contents. And if you start reading chapter 16, the first
two sections are all about securing the server.

The issue that started this was that there was not enough documentation
about choosing good passwords and preferably not using passwords over
non-SSL connections over public networks. I agree that this could be
improved, and it could be done by regrouping some of the above material.
But we don't need a section that just points to other sections, because
that doesn't improve the substance of the material. On the contrary, it
is known to confuse and annoy readers.

--
Peter Eisentraut peter_e(at)gmx(dot)net

In response to

Browse pgsql-docs by date

  From Date Subject
Next Message Viktor Vislobokov 2003-09-01 10:06:10 Re: PostgreSQL Tutorial in Russian
Previous Message Tom Lane 2003-08-30 21:50:59 Re: [HACKERS] What goes into the security doc?

Browse pgsql-hackers by date

  From Date Subject
Next Message Peter Eisentraut 2003-08-31 10:04:58 Re: Unixware Patch (Was: Re: Beta2 Tag'd and Bundled ...)
Previous Message Frank Schoep 2003-08-31 09:49:18 pgAdmin III translation: Dutch