Quick Links

Community
Contributors
Mailing Lists
IRC
Local User Groups
Events
International Sites

phpPgAdmin Security hole

From:	Frank Hilliard <frankhilliard(at)shaw(dot)ca>
To:	pgsql-novice(at)postgresql(dot)org
Subject:	phpPgAdmin Security hole
Date:	2001-12-21 21:47:38
Message-ID:	3C23ADFA.2080504@shaw.ca
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-novice

I've just discovered that password protection for phpPgAdmin may not be
functioning if the postgres config file isn't set to require passwords.
It's sure easy to check, just type in postgres as a username and a
bogus password and it still works! The quick, but dirty, fix is to
change the default directory to some other name.

Frank Hilliard
http://frankhilliard.com/

In response to

Re: Import DB from DOS- dbase4 at 2001-12-21 16:37:00 from Josh Berkus

Browse pgsql-novice by date

	From	Date	Subject
Next Message	Francisco Reyes	2001-12-21 22:00:24	Variable + string concatenation?
Previous Message	Tom Lane	2001-12-21 19:13:09	Re: appropriate sort_mem & shared buffers