Re: Too easy to log in as the "postgres" user?
| От | Glyn Astill |
|---|---|
| Тема | Re: Too easy to log in as the "postgres" user? |
| Дата | |
| Msg-id | 11624.81765.qm@web23604.mail.ird.yahoo.com обсуждение исходный текст |
| Ответ на | Too easy to log in as the "postgres" user? (Thom Brown <thombrown@gmail.com>) |
| Список | pgsql-general |
> From: Thom Brown <thombrown@gmail.com> > Subject: [GENERAL] Too easy to log in as the "postgres" user? > To: "PGSQL Mailing List" <pgsql-general@postgresql.org> > Date: Thursday, 15 October, 2009, 11:38 AM > I've noticed that if I just log in to > my server, I don't su to root, > or become the postgres user, I can get straight into the > database as > the postgres user merely with "psql -U postgres -h > localhost". My > user account isn't a member of the postgres group. > > It appears I've not applied my security settings > correctly. What can > I do to prevent access this way? I'd still want to be > able to su to > the postgres user and log in that way, but not with the -U > parameter > allowing access. You just need to change the local connections to any authentication method other than trust. http://www.postgresql.org/docs/8.3/interactive/auth-pg-hba-conf.html Glyn
В списке pgsql-general по дате отправления: