Local Host Security? All users should have passwords optionally...
| От | pgsql-bugs@postgresql.org |
|---|---|
| Тема | Local Host Security? All users should have passwords optionally... |
| Дата | |
| Msg-id | 200103262208.f2QM8f102938@hub.org обсуждение исходный текст |
| Ответы |
Re: Local Host Security? All users should have passwords
optionally...
|
| Список | pgsql-bugs |
Iván Baldo (ivan.baldo@pilasnet.com) reports a bug with a severity of 2 The lower the number the more severe it is. Short Description Local Host Security? All users should have passwords optionally... Long Description I wanted to add passwords to all the users on the database, including the postgres user, etc. Then everything is authenticatedusing "crypt" method, so it asks passwords EVERYTIME. The problem I found is that I cannot do a "pg_dumpall" anymore, since I have no way to tell it to use the "postgres" userwith a given password. It tries to use the user "root" without password and it fails miserably! What happens if a hacker (or worst, a cracker!) enters to the machine somehow and I don't ask passwords for unix domain sockets?Well, it has access to all my data... Ok, this should not happen, but I worry if it happens and I think it is importantto enforce the security a little more in Postgres. The documentation doesn't say anything about this... Sample Code No file was uploaded with this report
В списке pgsql-bugs по дате отправления: