Package: libnss-pgsql2 Version: 1.4.0debian-2 Severity: important Any local user can completely disable NSS resolution in DB by changing the password to the database.
Unlike mysql, postgres does not allow create a user ("role") which has no
possibility to change own password (so-called "anonymous user").
Thus, any local user can obtain password from /etc/nss-pgsql.conf, change it
and access to the DB will be corrupted
-- System Information:
Debian Release: squeeze/sid
APT prefers stable
APT policy: (990, 'stable'), (500, 'proposed-updates'), (500, 'unstable'),
(500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.utf8, LC_CTYPE=ru_RU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libnss-pgsql2 depends on:
ii libc6 2.9-25 GNU C Library: Shared libraries
ii libpq5 8.4.1-1 PostgreSQL C client library
libnss-pgsql2 recommends no packages.
Versions of packages libnss-pgsql2 suggests:
ii libpam-pgsql 0.6.3-2 PAM module to authenticate using a
ii nscd 2.9-25 GNU C Library: Name Service Cache
-- debconf-show failed
signature.asc
Description: PGP signature
