Re: Spoofing as the postmaster

On Dec 23, 2007 1:25 PM, Bruce Momjian <bruce@momjian.us> wrote:
> I have written documentation for this item:
>
>         http://momjian.us/tmp/pgsql/server-shutdown.html#SERVER-SPOOFING
>
> Comments?

I thought the content made sense, but the location didn't.  I wouldn't
expect to find instructions on configuring Postgres for secure
operation under a section about how to shut the server down.

I realise that in order for the exploit to occur, the server must be
shut down (or not yet started), but unless a user already knows about
the way the exploit works, how will they know to look for info about
it here?

IMO by putting this guidance under "Shutting Down" you're going to
hurt the chances of anyone stumbling across it.  I doubt you'd get
many users reading "Shutting Down" at all because in most cases, it's
an easy or obvious thing to do (initscripts provided by package and
pg_ctl are self-explanatory).

Regards,
BJ