| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | hubert baumgartner <hubert_baumgartner(at)mac(dot)com> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: security |
| Date: | 2003-01-18 03:33:27 |
| Message-ID: | 20902.1042860807@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
hubert baumgartner <hubert_baumgartner(at)mac(dot)com> writes:
> i have a few security concerns about postgres database and would like
> to know if there is a possibility to compile postgres a way he only
> accepts password athentication , and ignores the pg_hba.conf file ....
> any ideas ?
I suppose you could rip all the auth methods except password out of the
code ... but I cannot imagine a more complete waste of time. If someone
has write access to the pg_hba.conf file, then they have already broken
into your postgres account or your root account. The game is over;
there isn't anything in your database that they can't read, change, or
delete. Even more to the point, there's nothing stopping them from
changing all the database passwords. What makes you think that password
authentication is one iota more secure than any other method, under
such conditions?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Yudha Setiawan | 2003-01-20 03:29:39 | Re: Do Something before Abort on Trigger ??? |
| Previous Message | Jiang.Li | 2003-01-17 23:38:05 | About PostgreSQL 7.3.1 Installation |