List:       postgresql-announce
Subject:    pgdsat v1.1 released
From:       HexaCluster via PostgreSQL Announce <announce-noreply () postgresql ! org>
Date:       2024-04-22 18:02:23
Message-ID: 171380894360.684.2753736734178057606 () wrigleys ! postgresql ! org

Hanoi, Vietnam - April 19th, 2024

## pgdsat - PostgreSQL Database Security Assessment Tool

pgdsat is a security assessment tool that checks around 80 PostgreSQL security
controls of your PostgreSQL clusters, including, but not limited to, all
recommendations from the CIS compliance benchmark.

This PostgreSQL Security Assessment Tool allows assessments to be carried out
in an automated manner to verify the security policies established inside the
company. It also gives an understanding of the security issues that your cluster
can face.

It consists of a single command that must be run on the PostgreSQL server to
collect all the necessary system and PostgreSQL information to compute a security
assessment report. A report consists of a summary of all test statuses and a second
part with all detailed information. See a [sample report](https://www.darold.net/sample_pgdsat/report.html).

This release adds new checks and fixes issues reported by users since the first
release, published for the FOSSASIA 2024 event in Hanoi. New features:

* Add cluster version mismatch check if `--cluster` is used.
* Add a check to ensure a data anonymization extension is installed (pg_anonymize or anon).
* Add check to ensure tablespace location is not inside the PGDATA.
* Add statistics about checksum failures if any.
* Double check the Unix socket permission on disk.
* Add check to ensure that the public schema is protected in all databases.

For the complete list of changes, please check out the release notes
at [https://github.com/hexacluster/pgdsat/blob/master/ChangeLog](https://github.com/hexacluster/pgdsat/blob/master/ChangeLog)

## Links & Credits

pgdsat is an open project. Any contribution to build a better
tool is welcome. You just have to send your ideas, feature requests
or patches using the GitHub tools.

Thanks to the developers who submitted patches and users who reported
bugs and feature requests; they are all cited in the ChangeLog file.

Links:

* Sample report: [http://www.darold.net/sample_pgdsat/report.html](http://www.darold.net/sample_pgdsat/report.html)
* Download: [https://github.com/hexacluster/pgdsat/releases](https://github.com/hexacluster/pgdsat/releases)
* Development: [https://github.com/hexacluster/pgdsat](https://github.com/hexacluster/pgdsat)
* Changelog: [https://github.com/hexacluster/pgdsat/blob/master/ChangeLog](https://github.com/hexacluster/pgdsat/blob/master/ChangeLog)

-----------------

**About pgdsat**

The objective of pgdsat is to have an Open Source and free tool to help PostgreSQL
users to enforce the security of their PostgreSQL clusters. Not all checks might
correspond to your security policies but pgdsat aims to be a reference on which
you can rely to check the compliance of security points with your policy.

Tool created at HexaCluster Corp and maintained by Gilles Darold.

pgdsat works on the Linux platform and is available under the GPLv3 licence.