From PostgreSQL 9.x Security Technical Implementation Guide
Part of SRG-APP-000266-DB-000162
Associated with: CCI-001312
Any PostgreSQL or associated application providing too much information in error messages on the screen or printout risks compromising the data and security of the system. The structure and content of error messages need to be carefully considered by the organization and development team.
As the database administrator, run the following SQL: SELECT current_setting('client_min_messages'); If client_min_messages is not set to error, this is a finding.
As the database administrator, edit postgresql.conf: $ sudo su - postgres $ vi $PGDATA/postgresql.conf Change the client_min_messages parameter to be error: client_min_messages = error Now reload the server with the new configuration (this just reloads settings currently in memory, will not cause an interruption): $ sudo su - postgres # SYSTEMD SERVER ONLY $ systemctl reload postgresql-9.5 # INITD SERVER ONLY $ service postgresql-9.5 reload
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer