Date: Fri, 12 Sep 2003 18:36:43 -0400 (EDT) From: alexander v p <alex@big-blue.net> To: Kirk Strauser <kirk@strauser.com> Cc: freebsd-questions@freebsd.org Subject: Re: Trying to secure PostgreSQL Message-ID: <Pine.BSF.4.21.0309121834190.9620-100000@localhost> In-Reply-To: <87fzj1bqp9.fsf@strauser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
look in /usr/local/pgsql/data/pg_hba.conf by default is: local all all trust host all all 127.0.0.1 255.255.255.255 trust what you have to do is to change trust into password or md5 hope that helps alex p.s. restart postgres after you change the conf file. On Fri, 12 Sep 2003, Kirk Strauser wrote: > At 2003-09-12T21:39:14Z, "Andrew L. Gould" <algould@datawok.com> writes: > > > You're looking for something difficult when the easier answer is correct. > > > > As root, set pgsql's password by executing: > > > > passwd pgsql > > What would that buy me? After doing that, I can still access any database > on the system with: > > kirk@kanga:~$ psql -U pgsql template1 > Welcome to psql 7.3.4, the PostgreSQL interactive terminal. > > without being prompted for a password. I don't want users, even local > users, to have full run of the database as the user of their choice. > -- > Kirk Strauser >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0309121834190.9620-100000>