Skip site navigation (1) Skip section navigation (2)

Re: Disable TRUST authentication mode

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Jan Lentfer <Jan(dot)Lentfer(at)web(dot)de>
Cc: c k <shreeseva(dot)learning(at)gmail(dot)com>, pgsql-admin <pgsql-admin(at)postgresql(dot)org>
Subject: Re: Disable TRUST authentication mode
Date: 2012-03-10 16:20:30
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-admin
Jan Lentfer <Jan(dot)Lentfer(at)web(dot)de> writes:
> Am 10.03.2012 16:21, schrieb c k:
>> It we can disable the TRUST mode then every user have to login with
>> password and every fraud user have to know the password (at least) of
>> the user. It is not the case that users from other departments share
>> their passwords, but fraud users just bypasses the need to know the
>> password.

> If they can alter pg_hba.conf they can almost certainly also change/add 
> users, alter passwords, etc, etc... So from a security perspective it 
> doesn't buy you much.

Somebody who has the ability to rewrite pg_hba.conf could also go in and
physically alter the database files -- those are in the same directory
tree, with the same ownership and permissions, as pg_hba.conf.  If you
cannot trust people who have that level of access, you have a problem
that software cannot solve for you.  You need to rethink who has got
access to the machine running the database server, or at least who has
got root on it.

			regards, tom lane

In response to

pgsql-admin by date

Next:From: c kDate: 2012-03-10 16:20:32
Subject: Re: Disable TRUST authentication mode
Previous:From: Jan LentferDate: 2012-03-10 15:28:14
Subject: Re: Disable TRUST authentication mode

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group