Quick Links

Re: Is there any such thing as PostgreSQL security on a hosted website?

From:	Richard Huxton <dev(at)archonet(dot)com>
To:	"Scott Gammans" <nospam_deepgloat(at)yahoo(dot)com>, pgsql-general(at)postgresql(dot)org
Subject:	Re: Is there any such thing as PostgreSQL security on a hosted website?
Date:	2002-07-29 12:50:47
Message-ID:	200207291350.47919.dev@archonet.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

On Friday 26 Jul 2002 2:06 pm, Scott Gammans wrote:
> (I know cross-posting is evil, but I'm not getting any responses over on
> the .novice newsgroup, and I feel this is an important topic that needs
> attention. Apologies in advance...)
>
> Summary:
>
> What is to stop a company that is hosting my
> PostgreSQL-enabled website from changing my
> pg_hba.conf file to "TRUST" so that they can go in and
> snoop around my online PostgreSQL databases?

Your hosting company has root access to the whole server and access to the
backup tapes. You have no security from them other than the trust embodied in
a business relationship.

If you want complete control over a server, have your own server.

- Richard Huxton

In response to

Is there any such thing as PostgreSQL security on a hosted website? at 2002-07-26 13:06:53 from Scott Gammans

Browse pgsql-general by date

	From	Date	Subject
Next Message	Elielson Fontanezi	2002-07-29 12:53:24	RES: :-( Free Books
Previous Message	Francois Suter	2002-07-29 12:48:45	Re: Postgres and Perl: Which DBI module?