Skip site navigation (1) Skip section navigation (2)

Re: alter user

From: Scott Marlowe <smarlowe(at)g2switchworks(dot)com>
To: wim(dot)bertels(at)khleuven(dot)be
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: alter user
Date: 2005-09-23 15:32:28
Message-ID: 1127489548.30825.90.camel@state.g2switchworks.com (view raw or flat)
Thread:
Lists: pgsql-admin
On Thu, 2005-09-22 at 19:32, Wim Bertels wrote:
> On Friday 23 September 2005 01:51, Scott Marlowe seinde rooksignalen:
> > Instead of using a general purpose account, why not give everyone an
> > account, then make them a member of a group, and give that group the
> > access.
> >
> > That way you can easily add / remove people from the group instead of
> > trying to do it this way.
> 
> not an option, its for scripting and testing purposes

I don't see why my method(s) excludes scripting and testing.

> >
> > Otherwise, don't use a password, set the machine to use trust or ident or
> > something like that where a password wouldn't matter.
> 
> although it is then a user/pasword known by a lot of people,
> it is still beter than no password

No, it really isn't.  Once everyone (or a large enough subset of
everyone) knows the password, it's no better than an account that can
log in without one.

If it's a generic read only account with the same name as the database,
give it select only permission, and add a line like this:

host  sameuser  all   10.1.1.1         255.255.255.0     trust

where the 10.1.1.1 / 255.255.255.0 are replaced with the appropriate
mask to let your test machines log in.  Put the host / md5 lines after
this one for the same line but with all in place of sameuser and you're
gold.

In response to

pgsql-admin by date

Next:From: AldorDate: 2005-09-23 15:52:02
Subject: Re: [ADMIN] COPY TO / COPY FROM
Previous:From: Scott MarloweDate: 2005-09-23 15:23:44
Subject: Re: Encrypted Disks

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group