| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Wim Bertels <wim(dot)bertels(at)khleuven(dot)be> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: alter user |
| Date: | 2005-09-23 04:10:09 |
| Message-ID: | 20050923041009.GA19555@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Fri, Sep 23, 2005 at 01:13:37 +0200,
Wim Bertels <wim(dot)bertels(at)khleuven(dot)be> wrote:
> Ls,
>
> any user can change his own password,
> i haven't found a way of prohibiting this.
> what about a general user (eg test/test), that is used by many people,
> one of those people could use alter user (being connected as test/test) the
> change the password, leaving the rest clueless..
>
> suggestions to prevent this?, i need a general (readonly) user!
Tell people not to do this.
Use ident authentication.
Give each person their own postgres account.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2005-09-23 04:12:03 | Re: alter user |
| Previous Message | Bruce Momjian | 2005-09-23 03:05:49 | Re: [HACKERS] How to determine date / time of last postmaster |