| From: | "john(dot)cheng" <neoart(dot)hinet(at)msa(dot)hinet(dot)net> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | how to keep/lock/ hide pg_hba.conf ? |
| Date: | 2011-04-11 14:35:21 |
| Message-ID: | 1302532521151-4296068.post@n5.nabble.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Dear all:
I am ready to release a client/server software (in windows xp),sure it's
postgresql based application
but I have to hide the password for sensitive data.
I found that,if user modified the pg_hba.conf, modified the "METHOD"field
from md5 to "password"
then,user can find out the password by some the TCP/IP peep tool --such as
LayerViewer
(we don't plan to install SSL in server/client)
I think as a newbie as I know this bug,this solution should be released
already
Thanks for any advice/suggestion
Regards
john from Taiwan
--
View this message in context: http://postgresql.1045698.n5.nabble.com/how-to-keep-lock-hide-pg-hba-conf-tp4296068p4296068.html
Sent from the PostgreSQL - hackers mailing list archive at Nabble.com.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kevin Grittner | 2011-04-11 15:03:49 | Re: Feature request: pg_basebackup --force |
| Previous Message | Nick Raj | 2011-04-11 11:33:52 | Global variables in plpgsql |