I'm using postgresql7.0.2 on Linux Redhat 6.1.
It seems that any user can log in psql with any other user account
without giving any password
i.e: if I'm logged in a shell as julien (who is a single user, not an
administrator) I just have to write: psql -U postgres mydatabase to go
into mydatabase with postgres permissions, without giving any password
(or a wrong one as well)
Not really securised... any suggestions?
regards
J.Piaser