Re: Security - local(TRUST) and php/perl access
| От | Dave |
|---|---|
| Тема | Re: Security - local(TRUST) and php/perl access |
| Дата | |
| Msg-id | DBEIKNMKGOBGNDHAAKGNIEOJOCAA.dave@hawk-systems.com обсуждение исходный текст |
| Ответ на | Re: Security - local(TRUST) and php/perl access ("Josh Berkus" <josh@agliodbs.com>) |
| Список | pgsql-php |
>Anything running on the same machine, whether a shell, PHP, or Perl, is
>covered by the "trust" statement, unless you make the mistake of
>routing your connection through an external interface.
this is what I was afraid of
>However, I strongly reccommend against using "trust" on any public web
>server.
agreed, thus my concern...
it appears however that if everything is set to password (or better) that
postgres doesn't start on reboot. the startup script reads
case $1 in
start)
[ -d /usr/local/pgsql/lib ] && /sbin/ldconfig -m /usr/local/pgsql/lib
[ -x /usr/local/pgsql/bin/pg_ctl ] && {
su -l pgsql -c \
'exec /usr/local/pgsql/bin/pg_ctl -w start > /usr/local/pgsql/errlog
echo -n ' pgsql'
}
;;
essentially what happens is that the startup waits for the password to be
entered, and as such that and any following services in the local/rc directory
are never started... it times out after a time (if memory serves).
workaround without security ramifications?
Dave
В списке pgsql-php по дате отправления: