Skip site navigation (1) Skip section navigation (2)


From: Christopher Luk <wluk(at)hkcccc(dot)org>
To: Postgres95 interfaces Mailing List <pgsql-interfaces(at)postgreSQL(dot)org>
Subject: Security!!!
Date: 1998-03-20 03:11:42
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-interfaces
I wonder if my setting have problem or not. I found that there is no
security issue on my postgres95.

1. I have a super user postgres, however, when I login as somebody else
which should not have right to the postgres95 database, I can use the
following command to act as postgres super user.

   psql -u "database name"
   >>Username : postgres
   >>password : "anythingelse"

After this command, I can use the sql monitor as super user postgres,
which means that I can create, drop, update anything or destroy everything
on the database only if I can login to the server which have postgres95

2. I am using Postodbc as odbc driver on windows 95. Same as above, I can
login as anybody else without a password check even I use "alter user
[username] with password [password]" to add a password.

Walking through the documents, still didn't find any solution.
Please help if there is a solution to this problem. THx
(Linux 2.0.30 (standard), postgres 6.3, gcc 2.7, windows 95 OSR2)


pgsql-interfaces by date

Next:From: Aleksey DemakovDate: 1998-03-20 12:02:48
Subject: PgAccess and displaying 8-bit characters
Previous:From: Bruce StephensDate: 1998-03-19 19:38:01
Subject: Re: [INTERFACES] Tix + Postgres.

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group