Problem in User Securities
The default security setup in PG is to allow all connections from localhost,
w/o password. This should be changed. You'll find this in your $PGDATA
directory, in the file pg_hba.conf.
- J.
Knowledge Management & Technology Consultant
Quote:
> -----Original Message-----
> Sent: Monday, May 20, 2002 5:33 AM
> To: PostgreSQL
> Subject: [ADMIN] Problem in User Securities
> Hello All,
> I am new to Postgres, While I was checking 'User Securities' in postgres I
> got the following problem.
> I created a user using 'createuser' command and gave superuser
> permissions.
> but while accessing database, even if we have not given '-W' password
> option it is entering into database. So who knows Unix administrator
> password can enter into any database if they know corresponding login name
> and they work with the same permissions..
> And also i observed that even we can enter into template1 with out giving
> any username or password.
> I doubt there will be a way to restrict this.
> Can any body help me regarding this.
> Thanks alot,
> With best Regards
> bhaskararaju
> ---------------------------(end of broadcast)---------------------------
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
