Re: Disable executing external commands from psql?
From | Ken Tanzer |
---|---|
Subject | Re: Disable executing external commands from psql? |
Date | |
Msg-id | 4C05B994.1020706@gmail.com |
In reply to | Re: Disable executing external commands from psql? (Craig Ringer <craig@postnewspapers.com.au>) |
List | pgsql-general |
OK, hadn't seen your response (and Stephen Frost's) before sending mine. I think I hear everybody loud and clear--bad idea!

Ken

On 06/01/2010 06:47 PM, Craig Ringer wrote:
> On 02/06/10 08:06, Ken Tanzer wrote:
>
>> Somehow, exposing my database ports to the internet scares me more than
>> any (possibly crazy) stuff I'm trying to do. :)
>
> Why? Surely it's less scary than exposing ssh+shell access (!!), even if
> you think the shell is locked down to running only a crippled version of
> psql.
>
> You can use SSL with client certificates to lock down access to the
> database if you don't trust simple SSL-protected username/password
> authentication alone.
>
> Given the choice, I'd expose Pg to the Internet _any_ day before even
> considering exposing semi-public ssh access when I didn't absolutely
> have to.
>
>> But seriously I think I need to give them accounts--I'm setting up
>> online instances of a web app, so they have a set of (editable) PHP
>> files, possibly some storage, a log file, etc. It seemed that setting
>> each up as its own user was better than going through some uber-process
>> that had access to all the files.
>
> Sounds like you need to provide them with a web interface to do the
> work, and have the web app talk to Pg.
>
> --
> Craig Ringer

--
-------------------------------------------------------
AGENCY Software
For nonprofits that want to take control of their data
Use it. Like it. Share it. Build it. Buy it.
http://agency-software.org
-------------------------------------------------------
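Added example (not part of the original message and not PostgreSQL project code): a small Python check that sorts the network rules of a `pg_hba.conf` into the tiers the quoted reply distinguishes, SSL with a client certificate versus SSL-protected password only, plus rules that still permit unencrypted connections. The sample file, the verdict labels and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample pg_hba.conf (not from the thread); addresses are documentation ranges.
SAMPLE_HBA = """\
# TYPE   DATABASE USER     ADDRESS          METHOD
local    all      postgres                  peer
host     all      all      127.0.0.1/32     md5
host     appdb    webapp   203.0.113.0/24   md5
hostssl  appdb    webapp   198.51.100.0/24  md5
hostssl  appdb    tenant1  0.0.0.0/0        cert
hostssl  appdb    tenant2  192.0.2.0/24     md5 clientcert=verify-full
hostssl  all      all      0.0.0.0/0        trust
"""

# clientcert=1 is the older spelling; verify-ca / verify-full are the newer ones.
CERT_OPTS = {"clientcert=1", "clientcert=verify-ca", "clientcert=verify-full"}

def classify(line):
    """Return (user, address, verdict) for a remote network rule, else None.

    Assumes CIDR addresses; the two-field "address mask" form is not handled.
    """
    fields = line.split("#", 1)[0].split()   # simplification: ignores quoted '#'
    if len(fields) < 5 or fields[0] not in ("host", "hostssl", "hostnossl"):
        return None                           # comment, blank, or Unix-socket rule
    conn, user, addr, method = fields[0], fields[2], fields[3], fields[4]
    opts = set(fields[5:])
    try:
        if ipaddress.ip_network(addr, strict=False).is_loopback:
            return None                       # loopback only, not Internet-facing
    except ValueError:
        pass                                  # hostname or keyword: treat as remote
    if method == "reject":
        return None
    if conn != "hostssl":
        verdict = "plaintext-possible"        # "host" also matches non-SSL connections
    elif method == "trust":
        verdict = "tls-trust"                 # encrypted, but no authentication at all
    elif method == "cert" or opts & CERT_OPTS:
        verdict = "tls-client-cert"           # client must present a trusted certificate
    else:
        verdict = "tls-no-client-cert"        # e.g. SSL-protected password only
    return (user, addr, verdict)

def audit(hba_text):
    """Classify every remote network rule in a pg_hba.conf text."""
    return [r for r in map(classify, hba_text.splitlines()) if r]
```

Only rules with the `tls-client-cert` verdict match the "SSL with client certificates" setup recommended in the reply; the others are the entries to tighten before opening the port.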