| From: | andrew(at)ugh(dot)net(dot)au |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Local Users "su'ing" (REPOST) |
| Date: | 2000-08-27 01:58:34 |
| Message-ID: | Pine.BSF.4.21.0008271154190.54052-100000@starbug.ugh.net.au |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi,
Don't think this made it the first time...
Thanks,
Andrew
---------- Forwarded message ----------
Date: Sat, 26 Aug 2000 15:45:55 +1000 (EST)
From: andrew(at)ugh(dot)net(dot)au
To: pgsql-general(at)postgresql(dot)org
Subject: Local Users "su'ing"
Hi,
I'm running postgresql 7.0.2 under FreeBSD 4.1-STABLE. If a user runs
pgsql from the command line and then types \c - <user> they can connect to
the database with the priveleges of <user>. No password is required,
presumably because of the line in pg_hba.conf:
local all trust
Great fun for someone who su's to pgsql...
A couple of questions...
1) This seems to be an odd default behaviour. Should it be documented
fairly clearly somewhere (perhaps it is but I missed it) or should the
default pg_hba.conf require passwords?
2) Is it possible to not require passwords if the local user connects to
postgres as a postgres user of the same name but require a password in all
other circumstances?
Thanks,
Andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Miles Thompson | 2000-08-27 02:49:43 | Re: split up tables or one big one? |
| Previous Message | Dale Walker | 2000-08-27 01:11:16 | Re: creating functions |