Too easy to log in as the "postgres" user?

From: Thom Brown <thombrown(at)gmail(dot)com>
To: PGSQL Mailing List <pgsql-general(at)postgresql(dot)org>
Subject: Too easy to log in as the "postgres" user?
Date: 2009-10-15 10:38:00
Message-ID: bddc86150910150338p203659ck69fc9f936e80fb8@mail.gmail.com
Lists: pgsql-general

I've noticed that if I just log in to my server, I don't su to root,
or become the postgres user, I can get straight into the database as
the postgres user merely with "psql -U postgres -h localhost".  My
user account isn't a member of the postgres group.

It appears I've not applied my security settings correctly.  What can
I do to prevent access this way?  I'd still want to be able to su to
the postgres user and log in that way, but not with the -U parameter
allowing access.

The pg_hba.conf is probably relevant here, so this is the setup:

# TYPE DATABASE USER CIDR-ADDRESS METHOD

# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust

Thanks

Thom Brown
Crawley, UK
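
An added example, not part of the original message: a short Python check that parses pg_hba.conf records and reports every "trust" record that applies to the postgres role, run against the configuration posted above and against an assumed replacement. The function names and the replacement records are assumptions; the check flags any matching record and does not model pg_hba.conf's first-match ordering.

```python
import shlex

# Constructed sample: the active records of the pg_hba.conf quoted in the message.
POSTED_HBA = """\
# TYPE DATABASE USER CIDR-ADDRESS METHOD
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
"""

# Assumed replacement (not from the thread): OS-user check on the socket,
# password authentication over TCP. Releases before 9.1 spell "peer" as "ident";
# releases before 10 have "md5" rather than "scram-sha-256".
HARDENED_HBA = """\
local all postgres peer
local all all scram-sha-256
host all all 127.0.0.1/32 scram-sha-256
host all all ::1/128 scram-sha-256
"""

AUTH_METHODS = {"trust", "reject", "md5", "password", "scram-sha-256", "gss",
                "sspi", "ident", "peer", "ldap", "radius", "cert", "pam", "bsd"}

def parse_hba(text):
    """Yield (lineno, type, user, address, method) for each record.
    Simplified: no include directives, no line continuations."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        f = shlex.split(raw, comments=True)   # drops '#' comments, unquotes fields
        if len(f) >= 4 and f[0] == "local":
            yield lineno, f[0], f[2], None, f[3]
        elif len(f) >= 5 and f[0].startswith("host"):
            if f[4] in AUTH_METHODS:          # address given as CIDR or name
                yield lineno, f[0], f[2], f[3], f[4]
            elif len(f) >= 6:                 # address given as IP plus netmask
                yield lineno, f[0], f[2], f"{f[3]} {f[4]}", f[5]

def passwordless_superuser(text, superuser="postgres"):
    """Return records that let any client connect as `superuser` unauthenticated."""
    hits = []
    for lineno, conn_type, user, address, method in parse_hba(text):
        if method == "trust" and {"all", superuser} & set(user.split(",")):
            hits.append((lineno, conn_type, address))
    return hits

if __name__ == "__main__":
    for hit in passwordless_superuser(POSTED_HBA):
        print("trust record reachable as postgres:", hit)
    print("hardened findings:", passwordless_superuser(HARDENED_HBA))
```

With the replacement records, "psql" run as the postgres OS user still connects over the Unix socket, while "psql -U postgres -h localhost" prompts for a password.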
