Re: Postgres DB hacked.

From: Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>
To: Yogesh Sharma <yogeshraj95(at)gmail(dot)com>
Cc: pgsql-general <pgsql-general(at)postgresql(dot)org>
Subject: Re: Postgres DB hacked.
Date: 2020-08-31 05:14:58
Message-ID: CAFj8pRAsJ4x9ZmBdBRAebiHmBce4ZVkrnv10RxO9_FJKVfOE=w@mail.gmail.com
Lists: pgsql-general

On Mon, 31 Aug 2020 at 6:58, Yogesh Sharma <yogeshraj95(at)gmail(dot)com>
wrote:

> Dear All,
> Thanks for your support.
>
> We faced the issue below and all our DB backup data has been lost.
>
> It seems the hacker deleted all the tables in the DB and created a single
> table called "warning". When I try to select from this table, it shows an
> error (relation "warning" does not exist). The hacker also created one more
> database, "please_read_me_xmg", with a single 'warning' table.
>
> Could you please let us know how we can secure the Postgres DB from
> hackers, although we have specified only one IP in the pg_hba.conf file
> instead of all?
>

pg_hba.conf is not enough protection against SQL injection. Probably your
application is vulnerable to SQL injection.

The basic security mechanism is using more roles - one role as the table and
database owner, and a second role (or roles) for applications. In this case the
attacker cannot change the schema if they compromise some application role. You
can use other mechanisms like RLS - row-level security, ...

Regards

Pavel
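The owner/application role split (and the RLS option) described above, as an added example that is not part of the thread; role, schema and table names are hypothetical, and the script is meant to be run as a superuser:

```sql
-- Added example: separate the role that OWNS objects from the role the
-- application CONNECTS as, so an injected statement cannot alter the schema.

-- 1. Owner role (no login) and application role (login, DML only).
CREATE ROLE app_owner NOLOGIN;
CREATE ROLE app_user  LOGIN PASSWORD 'change-me';   -- placeholder password

-- 2. Nobody gets to create objects in public by default.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 3. Create the schema and tables as the owner, not as the app role.
CREATE SCHEMA app AUTHORIZATION app_owner;
SET ROLE app_owner;
CREATE TABLE app.orders (
    id       bigserial PRIMARY KEY,
    customer text          NOT NULL,
    amount   numeric(12,2) NOT NULL
);
-- Optional RLS: the app role only sees rows for the customer it has set
-- in the session variable app.current_customer (hypothetical name).
ALTER TABLE app.orders ENABLE ROW LEVEL SECURITY;
CREATE POLICY per_customer ON app.orders
    USING (customer = current_setting('app.current_customer', true));
RESET ROLE;

-- 4. Grant the application exactly the DML it needs, and nothing that
--    lets it drop, create or alter objects.
GRANT USAGE ON SCHEMA app TO app_user;
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA app TO app_user;
GRANT USAGE ON ALL SEQUENCES IN SCHEMA app TO app_user;
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner IN SCHEMA app
    GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_user;

-- 5. Check the boundary from the application role's point of view:
--    normal DML works, schema changes are refused by the server.
SET ROLE app_user;
SET app.current_customer = 'alice';
INSERT INTO app.orders (customer, amount) VALUES ('alice', 10.00);
SELECT * FROM app.orders;               -- only alice's rows are visible
DROP TABLE app.orders;                  -- refused: app_user is not the owner
CREATE TABLE app.warning (msg text);    -- refused: no CREATE on schema app
RESET ROLE;
```

Run the DROP and CREATE lines separately if your client aborts the script on the first error; the point is that they fail while the INSERT and SELECT succeed.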
