----- Original Message -----
From: "Chris Browne" <cbbrowne@acm.org>
To: pgsql-general@postgresql.org
Sent: Thursday, June 08, 2006 01:30 PM
Subject: [GENERAL] Password for postgresql superuser?
> jqpx37@iprive.com ("jqpx37") writes:
>
> > Is there any security risk in the postgresql superuser having a
> > password?
> >
> > I installed a Linux distro recently and had it install Postgresql.
> > It automatically set up the postgres account; the account was set up
> > with no password.
> >
> > I could of course create a password, but it's not clear to me that's
> > a good thing from a security standpoint.
>
> That depends on your security policies.
>
> There's a pretty good argument to be made that a 'postgres' account
> should only permit people in via "su -", in which case it might not
> need to have an individual password...
Thanks for your response.
I found allusions to the point your making, though no detailed explanation. It makes sense even without a thorough
explication.
Best wishes
> --
> (format nil "~S@~S" "cbbrowne" "cbbrowne.com")
> http://www3.sympatico.ca/cbbrowne/oses.html
> "If you give someone Fortran, he has Fortran.
> If you give someone Lisp, he has any language he pleases."
> -- Guy L. Steele Jr.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/docs/faq