On Mon, 2011-12-19 at 17:19 +0200, MURAT KOÇ wrote:
> Thanks for reply. But it's not suitable to trust the people who have
> access to the logs.
>
> Think, I changed my DB password and other DBA colleague who has access
> to the PostgreSQL logs has seen my DB password. He started to use my
> DB password instead of his password.
>
> He executed all DDL and DML statements with my DB account. In fact, I
> did nothing but because of this gap I did all things.
>
> Is it a trustable situation ? How will we identify who is guilty he or
> me?
>
Do they have access to the pg_hba.conf file? because if they have, you
have no chance to stop them from connecting to the database with your
user account and without any need to know your password.
--
Guillaume
http://blog.guillaume.lelarge.info
http://www.dalibo.com
PostgreSQL Sessions #3: http://www.postgresql-sessions.org
