[pgpool-general: 583] Re: Fwd: About Simple Streaming replication setting with pgpool-II
Tatsuo Ishii
ishii at postgresql.org
Sat Jun 2 10:13:39 JST 2012
> Hello every one in the list.
>
> Tatsuo, in the tutorial "Simple Streaming replication setting with pgpool-II", in the step when you talk about pgpoolAdmin you write "Revert /etc/passwd. In the real world system it is recommended that you create an account solely used for pgpoolAdmin and start its own apache"
>
> 1. It mean, apache user never be a login user?
>
> 2. What are the implications if apache is a login user?
More security risk, I think.
> 3. How I can resolve this recommendation?
Start apache with different port other than 80 and different
user. This will isolate pgpoolAdmin from ordinaly web service. Maybe
there's more smart way to achieve the objective by using different
method, for example virtual host but I've not tried yet.
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
More information about the pgpool-general
mailing list