| From: | Christopher Luk <wluk(at)hkcccc(dot)org> |
|---|---|
| To: | Postgres95 interfaces Mailing List <pgsql-interfaces(at)postgreSQL(dot)org> |
| Subject: | Security!!! |
| Date: | 1998-03-20 03:11:42 |
| Message-ID: | Pine.LNX.3.96.980320105927.19954B-100000@mail.hkcccc.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-interfaces |
I wonder if my setting have problem or not. I found that there is no
security issue on my postgres95.
1. I have a super user postgres, however, when I login as somebody else
which should not have right to the postgres95 database, I can use the
following command to act as postgres super user.
psql -u "database name"
>>Username : postgres
>>password : "anythingelse"
After this command, I can use the sql monitor as super user postgres,
which means that I can create, drop, update anything or destroy everything
on the database only if I can login to the server which have postgres95
installed.
2. I am using Postodbc as odbc driver on windows 95. Same as above, I can
login as anybody else without a password check even I use "alter user
[username] with password [password]" to add a password.
Walking through the documents, still didn't find any solution.
Please help if there is a solution to this problem. THx
(Linux 2.0.30 (standard), postgres 6.3, gcc 2.7, windows 95 OSR2)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Aleksey Demakov | 1998-03-20 12:02:48 | PgAccess and displaying 8-bit characters |
| Previous Message | Bruce Stephens | 1998-03-19 19:38:01 | Re: [INTERFACES] Tix + Postgres. |