Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

PostgreSQL does the following things by default to prevent this:

    1. Only listen to localhost and unix sockets
    2. Not generate any default passwords
So the only way to connect to a default configured fresh installation of PostgreSQL is via UNIX sockets as the postgres unix user. Where PostgreSQL is lacking is that it is a bit more work than it should be to use SSL.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: