On Tuesday 27 January 2004 16:21, Marcin Gil wrote:
> Martin Atukunda wrote:
> > - local all all trust
> > + local all postgres trust
> > + local all all md5
> Ok. but if user does:
> psql -d template1 -U postgres?
> then he won't be asked about password but should.
> Everyone who can access psql, can get into db as postgres user.
> Not safe I suppose.
Quite true. This is not a safe option, particularly if you don't trust local
users. I suppose in this case you could maintain the following in
- local all all trust
+ local all all md5
and then have init the postmaster by using su.
235:respawn:/bin/su - postgres -c /usr/local/pgsql/bin/start.sh
with start.sh having:
OPTIONS="-i -N 256 -B 512"
postmaster -D $DATADIR $OPTIONS > $LOGFILE 2>&1
- Martin -
"If we don't succeed, we run the risk of failure."
--Bill Clinton, President
In response to
pgsql-novice by date
|Next:||From: lnd||Date: 2004-01-27 13:58:07|
|Subject: Increase stored proc. parameters max count|
|Previous:||From: Marcin Gil||Date: 2004-01-27 13:21:27|
|Subject: Re: db security; user identification|