
Re: [Gnumed-devel] removing test data


From: Jim Busser
Subject: Re: [Gnumed-devel] removing test data
Date: Sat, 08 Aug 2009 13:13:59 -0700

On 8-Aug-09, at 11:34 AM, Karsten Hilbert wrote:

"Unless you have made other changes making setting a password relevant at all this (setting a password) won't help. And if you did make that other change you prevent Debian from automatically maintaining your databases."

I accept that the change of the postgres password was irrelevant to the solution... I suppose I was testing whether an initialized postgres (whose pw I forgot and therefore reset) would be allowed to even alter the gnumed databases.

Does it make any difference to GNUmed, in terms of bootstrap or update scripts or any other GNUmed database needs, whether the postgres system user was initialized, or whether (and what) is the postgres system and database users' passwords? Or does GNUmed care only about gm-dbo?

Also, at present, knowledge of the gm-dbo password is very powerful because it permits one to delete patients, drop the database, and anything in between.

If an office manager presently needs to be given that password in order to be able to add users to GNUmed, is that too much power, given that the person could

psql -h hostname gnumed_vN -U gm-dbo -f do_what_they_want.sql

or does the above require that the individual have access to a system account into which they could ssh and additionally have sudo or root access?

ALTER ROLE postgres WITH ENCRYPTED PASSWORD 'mypassword';
You need this password to connect to the PostgreSQL server remotely
with the postgres role, as described below.

Remote access should not be allowed for "postgres" at all.

Do you mean remote access as user postgres, to thwart hackers attempting generic access to the machine (even while, if I understand correctly, a legitimate admin with sudo access could still ssh into the machine and sudo su - postgres if relevant to some maintenance?)
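Added example, not part of the original thread or of GNUmed: whether a network client is accepted as `postgres` or `gm-dbo` is decided by the first matching `host` rule in `pg_hba.conf`, and this sketch evaluates two constructed rule sets that way to check that `postgres` is refused over TCP. It assumes CIDR-form addresses only, treats the TLS/GSS `host*` variants like plain `host`, skips hostname, `samehost` and `samenet` rules, and does not resolve `+group` or `@file` entries; the `192.0.2.0/24` network and the probe addresses are made up.

```python
import ipaddress

HOST_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}

# Constructed sample files; 192.0.2.0/24 stands in for the office LAN.
WEAK = """
local  all        postgres                peer
host   all        all       0.0.0.0/0     md5
"""
HARDENED = """
local  all        postgres                peer
host   all        postgres  0.0.0.0/0     reject
host   all        postgres  ::/0          reject
host   gnumed_vN  gm-dbo    192.0.2.0/24  scram-sha-256
"""

def parse_hba(text):
    """Return (type, databases, users, address, method) per rule line."""
    rules = []
    for raw in text.splitlines():
        f = raw.split("#", 1)[0].split()
        if f and f[0] == "local" and len(f) >= 4:      # no address column
            rules.append((f[0], f[1].split(","), f[2].split(","), None, f[3]))
        elif f and f[0] in HOST_TYPES and len(f) >= 5:
            rules.append((f[0], f[1].split(","), f[2].split(","), f[3], f[4]))
    return rules

def tcp_auth_method(conf, database, user, client_ip):
    """Method of the first rule matching a TCP client; first match wins."""
    ip = ipaddress.ip_address(client_ip)
    for kind, dbs, users, addr, method in parse_hba(conf):
        if kind == "local":
            continue                      # Unix-socket rules never match TCP
        if "all" not in dbs and database not in dbs:
            continue
        if "all" not in users and user not in users:
            continue
        if addr != "all":
            try:
                net = ipaddress.ip_network(addr, strict=False)
            except ValueError:
                continue                  # hostname/samehost/samenet: skipped
            if ip not in net:
                continue
        return method
    return "reject"                       # no rule matched: access is denied

def remote_allowed(conf, database, user, client_ip):
    return tcp_auth_method(conf, database, user, client_ip) != "reject"
```

With the hardened rules, `sudo su - postgres` on the server still works through the `local ... peer` line, since that path uses the Unix socket rather than TCP.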
