| From: | andrew(at)ugh(dot)net(dot)au |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Local Users "su'ing" |
| Date: | 2000-08-26 05:45:55 |
| Message-ID: | Pine.BSF.4.21.0008261531010.47082-100000@starbug.ugh.net.au |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi,
I'm running postgresql 7.0.2 under FreeBSD 4.1-STABLE. If a user runs
pgsql from the command line and then types \c - <user> they can connect to
the database with the priveleges of <user>. No password is required,
presumably because of the line in pg_hba.conf:
local all trust
Great fun for someone who su's to pgsql...
A couple of questions...
1) This seems to be an odd default behaviour. Should it be documented
fairly clearly somewhere (perhaps it is but I missed it) or should the
default pg_hba.conf require passwords?
2) Is it possible to not require passwords if the local user connects to
postgres as a postgres user of the same name but require a password in all
other circumstances?
3) Does the search engine on the web site usually work? It keeps telling
me its stalled when I try to search the list archives. The same thing
happened a while ago but I thought it was just a temporary thing.
Thanks,
Andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bill Barnes | 2000-08-26 07:42:16 | pgaccess not connecting |
| Previous Message | Jurgen Defurne | 2000-08-26 05:36:25 | Re: table count limitation |