Skip site navigation (1) Skip section navigation (2)

Re: Installing PostgreSQL as "postgress" versus "root" Debate!

From: list-pgsql-admin(at)news(dot)cistron(dot)nl ("Miquel van Smoorenburg" )
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: Installing PostgreSQL as "postgress" versus "root" Debate!
Date: 2005-01-29 17:16:38
Message-ID: ctggdm$en0$ (view raw, whole thread or download thread mbox)
Lists: pgsql-admin
In article <4001DEAF7DF9BD498B58B45051FBEA650207ABAA(at)25exch1(dot)vicorpower(dot)vicr(dot)com>,
Goulet, Dick <DGoulet(at)vicr(dot)com> wrote:
> Well, someone I can wholeheartedly agree with.  So it really does not
>matter who owns the binaries.  Once the right account gets hacked your
>had.  If they hack root your dead, if they hack postgres the database is
>had although the server may survive.  In either case the state of your
>backups is your saving grace or doom.

No, it's easier to hack postgres, as the database is running
as the postgres user. If you allow something like PgPerl, it's
even trivial. The PgPerl script runs as user postgres, and can
trojan e.g. the psql executable. The next time someone (perhaps
even root ... ) runs psql, they're 0wned.

Now it's not that bad an idea to install postgres as a non-root
user .. but use a DIFFERENT account to actually start and run
postgres. That way your binaries are protected.

E.g. install postgres as user 'pgbin', so that all binaries are
owned by 'pgbin', then run it as user 'postgres'.


In response to

pgsql-admin by date

Next:From: Peter EisentrautDate: 2005-01-29 18:53:26
Subject: Re: Problem with unicode support
Previous:From: Michael FuhrDate: 2005-01-28 23:45:07
Subject: Re: SET command

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group