On Tue, 19 Aug 2003, Cody Phanekham wrote:
> I should have mentioned that the server is a dedicated PHP / PostgreSQL
> server, therefore no other user would have access to it.
>
> My only concern is *if* the server gets compromised, then the attacker
> would have access to the DB without too much effort.
If the server gets compromised, you've lost. If they just get to execute
arbitrary code as the httpd user, you've lost; if they can execute
arbitrary code as root you've doubly lost.
Unless your system is designed for anonymous database access to be
secure, you can't really protect it from a rogue web server.