Re: Problem - any password accepted
| От | Richard Huxton |
|---|---|
| Тема | Re: Problem - any password accepted |
| Дата | |
| Msg-id | 465DB5A5.2010503@archonet.com обсуждение исходный текст |
| Ответ на | Problem - any password accepted (Oliver Elphick <olly@lfix.co.uk>) |
| Ответы |
Re: Problem - any password accepted
|
| Список | pgsql-general |
Oliver Elphick wrote: > While experimenting just now, I seem to have found a weird problem with > passwords, in that _anything_ I type in is accepted as a valid password. > > > Here are the relevant bits of pg_hba.conf > # TYPE DATABASE USER CIDR-ADDRESS METHOD > hostnossl junk olly 127.0.0.1/32 trust > host all all 127.0.0.1/32 md5 > 2. TCP/IP access: this uses SSL so it skips the hostnossl line and hits > the next host line, which specifies an md5 password. Whatever I type is > accepted. > In the log I have: > 2007-05-30 17:54:59 BST LOG: could not receive data from client: Connection res > et by peer > 2007-05-30 17:55:02 BST FATAL: password authentication failed for user "olly" > > but it has still let me in. Is it not falling back to non-SSL access, and so letting you through with "trust"? With a libpq call you could set "sslmode", but I'm not sure if you can do that from the command-line. -- Richard Huxton Archonet Ltd
В списке pgsql-general по дате отправления: