Request: Revive the security-specific section

Started by Ian Maddox almost 8 years ago, 4 messages, docs
#1 Ian Maddox
ianmaddox@google.com

Hello,

Google Cloud Blog recently published a guide on securing DBs in the cloud
<https://cloudplatform.googleblog.com/2018/04/best-practices-for-securing-your-Google-Cloud-databases.html>
and tried to link to your latest docs on hardening Postgres, but all we
could find is this doc from version 7
<https://www.postgresql.org/docs/7.0/static/security.htm>. It appears that
the knowledge from that page has been redistributed across the manual in
versions 8+, making it difficult to point to a single authoritative
resource. I'm writing to request that a single section on security be
revived in a future revision of the manual.

Thank you,

Ian Maddox
Google Cloud Solutions Architect

#2 Peter Eisentraut
peter_e@gmx.net
In reply to: Ian Maddox (#1)
Re: Request: Revive the security-specific section

On 5/2/18 18:59, Ian Maddox wrote:

Google Cloud Blog recently published a guide on securing DBs in the
cloud
<https://cloudplatform.googleblog.com/2018/04/best-practices-for-securing-your-Google-Cloud-databases.html>
and tried to link to your latest docs on hardening Postgres, but all we
could find is this doc from version 7
<https://www.postgresql.org/docs/7.0/static/security.htm>.

That seems of dubious use. More than half the information on that page
is no longer applicable.

It appears that the knowledge from that page has been redistributed
across the manual in versions 8+, making it difficult to point to a single
authoritative resource. I'm writing to request that a single section on
security be revived in a future revision of the manual.

I see where you are coming from. However, I think security concerns
exist in every aspect of the system. So as a user when I'm dealing with
operating system integration, or schema design, or backups, or
replication, or monitoring, etc., then I want to know about the security
concerns on that subject.

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

#3 Alvaro Herrera
alvherre@2ndquadrant.com
In reply to: Peter Eisentraut (#2)
Re: Request: Revive the security-specific section

Peter Eisentraut wrote:

On 5/2/18 18:59, Ian Maddox wrote:

It appears that the knowledge from that page has been redistributed
across the manual in versions 8+, making it difficult to point to a
single authoritative resource. I'm writing to request that a single
section on security be revived in a future revision of the manual.

I see where you are coming from. However, I think security concerns
exist in every aspect of the system. So as a user when I'm dealing
with operating system integration, or schema design, or backups, or
replication, or monitoring, etc., then I want to know about the
security concerns on that subject.

Curiously enough, we got a request on the Spanish list today
/messages/by-id/CALhQua6tAY+b+oH10OOm24sank43quQoVnoZpPDO5r6YQ4eXow@mail.gmail.com
about a "hardening guide". I think it is not completely out of the
question to have a separate slim section listing things to keep in mind
in order to harden a PostgreSQL installation. It doesn't have to be
terribly thorough -- rather it'd be mostly links to other places in the
docs where detailed information about each element can be found.

--
Álvaro Herrera https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

#4 Ian Maddox
ianmaddox@google.com
In reply to: Alvaro Herrera (#3)
Re: Request: Revive the security-specific section

Alvaro,

That's exactly what I'd hope to see as well.

On Sat, May 5, 2018, 12:45 PM Alvaro Herrera <alvherre@2ndquadrant.com>
wrote:

Peter Eisentraut wrote:

On 5/2/18 18:59, Ian Maddox wrote:

It appears that the knowledge from that page has been redistributed
across the manual in versions 8+, making it difficult to point to a
single authoritative resource. I'm writing to request that a single
section on security be revived in a future revision of the manual.

I see where you are coming from. However, I think security concerns
exist in every aspect of the system. So as a user when I'm dealing
with operating system integration, or schema design, or backups, or
replication, or monitoring, etc., then I want to know about the
security concerns on that subject.

Curiously enough, we got a request on the Spanish list today
/messages/by-id/CALhQua6tAY+b+oH10OOm24sank43quQoVnoZpPDO5r6YQ4eXow@mail.gmail.com
about a "hardening guide". I think it is not completely out of the
question to have a separate slim section listing things to keep in mind
in order to harden a PostgreSQL installation. It doesn't have to be
terribly thorough -- rather it'd be mostly links to other places in the
docs where detailed information about each element can be found.

--
Álvaro Herrera https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services