Sender: owner-postgres95@postgres.Berkeley.EDU
X-Return-Path: andrew_yu
Received: from dune.silkroad.com (bass@dune.silkroad.com [165.209.1.2]) by nobozo.CS.Berkeley.EDU (8.6.10/8.6.3) with ESMTP id JAA17430 for <postgres95@nobozo.CS.Berkeley.EDU>; Sun, 5 Nov 1995 09:56:28 -0800
Received: (from bass@localhost) by dune.silkroad.com (8.6.12/8.6.9) id MAA06632; Sun, 5 Nov 1995 12:53:56 -0500
From: Tim Bass <bass@dune.silkroad.com>
Message-Id: <199511051753.MAA06632@dune.silkroad.com>
Subject: Re: Security?
To: elwood@rumba.m.isar.de (Konstantinos Agouros)
Date: Sun, 5 Nov 1995 12:53:56 -0500 (EST)
Cc: postgres95@postgres.Berkeley.EDU
In-Reply-To: <m0tC7Hu-000J7bC@rumba.m.isar.de> from "Konstantinos Agouros" at Nov 5, 95 04:47:14 pm
X-Mailer: ELM [version 2.4 PL24 PGP2]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1246      
Resent-To: postgres95-redist
Resent-Date: Sun, 05 Nov 95 09:56:30 -0800
Resent-From: pglite
Resent-XMts: smtp

> 
> Hi,
> 
> I have a question about security. As I haven't tried out postgres in a networked
> Environment I am not quite sure how authentication works across a network.
> Could somebody enlighten me as I am too lazy for a 'use the source luke'
> 
> Konstantin

There are others who can answer this better ...... but I can tell you
a very simple concern....

the postmaster runs happily on a port and anyone with access to that
port, unrestricted, could wipe out an entire database....

One method is to filter the port at your firewall... maybe someone
can enlighten us on other non-kerberos postgres techniques.

-Tim


-- 
+--------------------------------------------------------------------------+
| Tim Bass                           | #include<campfire.h>                | 
| Principal Network Systems Engineer |       for(beer=100;beer>1;beer++){  |
| The Silk Road Group, Ltd.          |           take_one_down();          |
|                                    |           pass_it_around();         |
| http://www.silkroad.com/           |       }                             |
|                                    |  back_to_work(); /*never reached */ | 
+--------------------------------------------------------------------------+

===============================================================================
  To unsubscribe from the Postgres95 mailing list, send mail with the subject
  line "DEL" to "postgres95-request@postgres.Berkeley.EDU". 
============  URL: http://s2k-ftp.CS.Berkeley.EDU:8000/postgres95/  ===========