Re: Postgresql -- initial impressions and comments
From | scott.marlowe |
---|---|
Subject | Re: Postgresql -- initial impressions and comments |
Date | |
Msg-id | Pine.LNX.4.33.0212041611250.15665-100000@css120.ihs.com |
In reply to | Re: Postgresql -- initial impressions and comments (wsheldah@lexmark.com) |
List | pgsql-general |
On Wed, 4 Dec 2002 wsheldah@lexmark.com wrote:

> Thanks for your summary and very constructive criticism. I've also found
> the postgresql community to be very helpful and supportive. (Thanks
> everyone!)
>
> I want to add something with regard to security and running as root.
> First, if postgresql runs as root and is bound to an internal interface,
> someone getting root access to the box through a postgresql exploit would
> have access to everything on that box, including other interfaces. Second,
> many security threats and attacks are launched from within companies, or
> from within corporate firewalls. You need to guard against these as well.
> This could happen either because an employee or contractor decides to work
> against the company for whatever reason, or because another box on the LAN
> is compromised from outside, and is then used to attack other servers
> within the LAN. You can never have too many layers of security, especially
> when you get an extra layer for the low low price of adding another user
> and group. :-)

Also, think of a mistake with the copy command:

    copy table to /etc/passwd;

or

    copy table to /dev/hda;

As postgres, no big deal. Access denied. As root, kaboom.
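
The point made in the message above (a server-side file write succeeds or fails according to the OS account the server runs as) can be checked ahead of time. The following is an added example, not part of the original message or of PostgreSQL; the function names are hypothetical, and it models only the classic Unix owner/group/other permission bits, assuming no ACLs, capabilities or read-only mounts.

```python
import os
import stat
import tempfile


def can_write(st, uid, gids=()):
    """Classic Unix permission check against a stat result."""
    if uid == 0:
        return True  # root bypasses the permission bits entirely
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def copy_targets_at_risk(paths, uid, gids=()):
    """Return the existing paths that a server process running as
    `uid` could overwrite, e.g. through a mistyped COPY ... TO."""
    at_risk = []
    for path in paths:
        try:
            st = os.stat(path)
        except OSError:
            continue  # missing or unreadable: not covered by this check
        if can_write(st, uid, gids):
            at_risk.append(path)
    return at_risk


def demo():
    # Constructed stand-in for a system file: mode 0644, owned by
    # whoever runs this script.
    fd, path = tempfile.mkstemp()
    os.close(fd)
    os.chmod(path, 0o644)
    try:
        owner = os.stat(path).st_uid
        service_uid = owner + 1000  # constructed uid: neither owner nor root
        return {
            "path": path,
            "as_root": copy_targets_at_risk([path], 0),
            "as_service": copy_targets_at_risk([path], service_uid),
        }
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo())
```

Run against a list of real paths with the uid and group ids of the dedicated database account, an empty result is the "access denied" case from the message.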