Home > mailing lists

Re: FINAL: Multi-User PostgreSQL usage SECURITY - Mailing list pgsql-admin

From	Tom Lane
Subject	Re: FINAL: Multi-User PostgreSQL usage SECURITY
Date	September 7, 2001 22:05:56
Msg-id	11012.999903946@sss.pgh.pa.us Whole thread Raw
In response to	FINAL: Multi-User PostgreSQL usage SECURITY ("Mike Rogers" <temp6453@hotmail.com>)
List	pgsql-admin

Tree view

"Mike Rogers" <temp6453@hotmail.com> writes:
>     I have tried chaning pg_hba.conf to add the database field to the user,
> but that doesn't seem to help at all.

Make the database field "sameuser", and then the line only allows
connection to one's own database.  You will need an escape hatch to
allow you as superuser to get into everyone's db (else you can't run
pg_dumpall).  The escape hatch should be a second line in pg_hba.conf
with a tighter authorization method (eg, a secondary password file
with an entry only for you).

            regards, tom lane

pgsql-admin by date:

From: "Mike Rogers"
Date: 07 September 2001, 21:09:31
Subject: FINAL: Multi-User PostgreSQL usage SECURITY

From: Stephan Szabo
Date: 07 September 2001, 22:09:34
Subject: Re: FINAL: Multi-User PostgreSQL usage SECURITY

Re: FINAL: Multi-User PostgreSQL usage SECURITY - Mailing list pgsql-admin

Previous

Next