Home > mailing lists

Re: [pgsql-admin] Simple question about security in 8.1.1 - Mailing list pgsql-admin

From	Stephan Szabo
Subject	Re: [pgsql-admin] Simple question about security in 8.1.1
Date	January 23, 2006 01:36:16
Msg-id	20060122183141.G82325@megazone.bigpanda.com Whole thread Raw
In response to	[pgsql-admin] Simple question about security in 8.1.1 (Dan Bikle <dan.bikle@gmail.com>)
List	pgsql-admin

Tree view

On Sun, 22 Jan 2006, Dan Bikle wrote:


> I'm allowed to connect to the db10 database without authentication!:
>
> bash-2.05b$ psql db10 scott
> Welcome to psql 8.1.1, the PostgreSQL interactive terminal.
>
> Type:  ＼copyright for distribution terms
>        ＼h for help with SQL commands
>        ＼? for help with psql commands
>        ＼g or terminate with semicolon to execute query
>        ＼q to quit
>
> db10=> create table dropme (n integer);
> CREATE TABLE
> db10=> drop table dropme;
> DROP TABLE
> db10=>
>
> This seems insecure.
>
> How do I create a postgreSQL user account such that attempts to connect
> to it require authentication?

You probably should look at the following:

http://www.postgresql.org/docs/8.1/interactive/client-authentication.html

pgsql-admin by date:

From: Dan Bikle
Date: 23 January 2006, 01:09:09
Subject: [pgsql-admin] Simple question about security in 8.1.1

From: "Joshua D. Drake"
Date: 23 January 2006, 03:28:24
Subject: Re: [pgsql-admin] Simple question about security in 8.1.1

Re: [pgsql-admin] Simple question about security in 8.1.1 - Mailing list pgsql-admin

Previous

Next