| From: | Madison Kelly <linux(at)alteeve(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | PgSQL General List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Getting a DB password to work without editing pg_hba.conf, |
| Date: | 2005-12-16 19:09:52 |
| Message-ID: | 43A31100.7020903@alteeve.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Tom Lane wrote:
> Madison Kelly <linux(at)alteeve(dot)com> writes:
>
>> I want to find a way to let the user set the password on the new
>>database and have postgres actually ask for it without editing the
>>default 'pg_hba.conf' file, if at all possible.
>
>
> There is no such animal as a "database password" in PG. There are user
> passwords. You can grant or deny a user access to a database altogether,
> but you can't predicate it on him supplying a password different from
> his (single) login password.
>
> regards, tom lane
Thanks for the reply!
May I ask then? What *is* considered "best practices" for securing a
database in PostgreSQL? Assuming I leave the 'pg_hba.conf' file at it's
default values, is there any real point to having a password on a
postgresql user account? I've been reading the docs but I guess I am
overthinking the problem or missing something obvious. :p
Madison
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Madison Kelly (Digimer)
TLE-BU; The Linux Experience, Back Up
Main Project Page: http://tle-bu.org
Community Forum: http://forum.tle-bu.org
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Florian G. Pflug | 2005-12-16 19:11:18 | Re: Toolkit for creating editable grid |
| Previous Message | Tom Lane | 2005-12-16 18:48:01 | Re: Getting a DB password to work without editing pg_hba.conf, possible? |