Skip site navigation (1) Skip section navigation (2)

phpPgAdmin Security hole

From: Frank Hilliard <frankhilliard(at)shaw(dot)ca>
To: pgsql-novice(at)postgresql(dot)org
Subject: phpPgAdmin Security hole
Date: 2001-12-21 21:47:38
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-novice
I've just discovered that password protection for phpPgAdmin may not be 
functioning if the postgres config file isn't set to require passwords. 
It's sure easy to check, just type in postgres as a username and  a 
bogus password and it still works! The quick, but dirty, fix is to 
change the default directory to some other name.

Frank Hilliard

In response to

pgsql-novice by date

Next:From: Francisco ReyesDate: 2001-12-21 22:00:24
Subject: Variable + string concatenation?
Previous:From: Tom LaneDate: 2001-12-21 19:13:09
Subject: Re: appropriate sort_mem & shared buffers

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group