On Wed, Oct 05, 2005 at 05:27:22PM +0200, L van der Walt wrote:
> I have played now with MySQL and with MySQL you can change the password
> for root in MySQL (same as postgres in PostgreSQL). If you use the
> command line tools like dump you require the password. Just because
> your root doesn't mean your root in MySQL
If you think that protects your data, I have a bridge to sell you. All
I would need to do would be to download the MySQL source, delete the
password check, compile and I can see all the data.
> Can one separate the user postgres in PostgreSQL from the user postgres
> in Linux(The OS)?
Sure, delete the entries from pg_hba.conf. Like so:
root@vali:~# su - postgres
postgres@vali:~$ psql test
psql: FATAL: no pg_hba.conf entry for host "[local]", user "postgres", database "test", SSL off
See, can't get in. Ofcourse, your "rogue" administrators would simply
add themselves to the config file and they're in. They're root you
see...
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.
