From owner-freebsd-questions@FreeBSD.ORG  Fri Sep 12 15:51:41 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6351216A4DB
	for <freebsd-questions@freebsd.org>;
	Fri, 12 Sep 2003 15:51:40 -0700 (PDT)
Received: from borg.starbase.net (mail.big-blue.net [208.233.101.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DBB2F4401F
	for <freebsd-questions@freebsd.org>;
	Fri, 12 Sep 2003 15:51:34 -0700 (PDT)
	(envelope-from alex@big-blue.net)
Received: from borg.starbase.net (borg.starbase.net [208.233.101.2])
	by borg.starbase.net (8.12.9/8.11.1) with ESMTP id h8CMahS4009905;
	Fri, 12 Sep 2003 18:36:43 -0400 (EDT)
	(envelope-from alex@big-blue.net)
Date: Fri, 12 Sep 2003 18:36:43 -0400 (EDT)
From: alexander v p <alex@big-blue.net>
Sender: alex@borg.starbase.net
To: Kirk Strauser <kirk@strauser.com>
In-Reply-To: <87fzj1bqp9.fsf@strauser.com>
Message-ID: <Pine.BSF.4.21.0309121834190.9620-100000@localhost>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: "Andrew L. Gould" <algould@datawok.com>
cc: freebsd-questions@freebsd.org
Subject: Re: Trying to secure PostgreSQL
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Sep 2003 22:51:42 -0000

look in /usr/local/pgsql/data/pg_hba.conf 
by default is:

local   all         all                                             trust
host    all         all         127.0.0.1         255.255.255.255   trust

what you have to do is to change trust into password or md5
hope that helps
alex
p.s. restart postgres after you change the conf file.

On Fri, 12 Sep 2003, Kirk Strauser wrote:

> At 2003-09-12T21:39:14Z, "Andrew L. Gould" <algould@datawok.com> writes:
> 
> > You're looking for something difficult when the easier answer is correct.
> >
> > As root, set pgsql's password by executing:
> >
> > passwd pgsql
> 
> What would that buy me?  After doing that, I can still access any database
> on the system with:
> 
>     kirk@kanga:~$ psql -U pgsql template1
>     Welcome to psql 7.3.4, the PostgreSQL interactive terminal.
> 
> without being prompted for a password.  I don't want users, even local
> users, to have full run of the database as the user of their choice.
> -- 
> Kirk Strauser
>