Re: "trust" authentication in pg_hba.conf

Поиск
Список
Период
Сортировка
От Stephen Frost
Тема Re: "trust" authentication in pg_hba.conf
Дата
Msg-id 20151125134234.GW3685@tamriel.snowman.net
обсуждение исходный текст
Ответ на "trust" authentication in pg_hba.conf  (Chris Withers <chris@simplistix.co.uk>)
Список pgsql-general
Дерево обсуждения 
* Chris Withers (chris@simplistix.co.uk) wrote:
> What's the default contents of pg_hba.conf that postgres ships with?

The PG community provides both source code, which is expected to be used
by developers and is therefore wide open, and binary packages, which are
expected to be used by end users and therefore has sensible defaults for
authentication (mainly 'peer').

> I've been to it contains 'trust' for all local connections.
> Is this wise? Anyone who can get a shell on your database server can
> connect to any database as any user?

It is not wise to run with 'trust' in a non-development environment.

Thanks!

Stephen
Вложения

В списке pgsql-general по дате отправления:

Предыдущее
От: Stephen Frost
Дата:
Сообщение: Re: Can row level security policies also be implemented for views?
Следующее
От: NTPT
Дата:
Сообщение: RE: [GENERAL] Query failed: ERROR: character with byte sequence 0xc2 0x96 in encoding "UTF8" has no equivalent in encoding "WIN1250"