Trying to secure PostgreSQL
alexander v p
alex at big-blue.net
Fri Sep 12 15:51:42 PDT 2003
look in /usr/local/pgsql/data/pg_hba.conf
by default is:
local all all trust
host all all 127.0.0.1 255.255.255.255 trust
what you have to do is to change trust into password or md5
hope that helps
p.s. restart postgres after you change the conf file.
On Fri, 12 Sep 2003, Kirk Strauser wrote:
> At 2003-09-12T21:39:14Z, "Andrew L. Gould" <algould at datawok.com> writes:
> > You're looking for something difficult when the easier answer is correct.
> > As root, set pgsql's password by executing:
> > passwd pgsql
> What would that buy me? After doing that, I can still access any database
> on the system with:
> kirk at kanga:~$ psql -U pgsql template1
> Welcome to psql 7.3.4, the PostgreSQL interactive terminal.
> without being prompted for a password. I don't want users, even local
> users, to have full run of the database as the user of their choice.
> Kirk Strauser
More information about the freebsd-questions