Home > mailing lists

Re: Too easy to log in as the "postgres" user? - Mailing list pgsql-general

From	Stephen Frost
Subject	Re: Too easy to log in as the "postgres" user?
Date	October 15, 2009 14:32:40
Msg-id	20091015142115.GE17756@tamriel.snowman.net Whole thread Raw
In response to	Re: Too easy to log in as the "postgres" user? (Andrew Bailey <hazlorealidad@gmail.com>)
List	pgsql-general

Tree view

* Andrew Bailey (hazlorealidad@gmail.com) wrote:
> You appear to be trusting all connections what I think you want is the
> following:
>
> local all all ident sameuser
> # IPv4 local connections:
> host all all 127.0.0.1/32 ident sameuser
> # IPv6 local connections:
> host all all ::1/128 ident sameuser
>
> Remember that you need to get postgres to reread the file after
> changing it by using pg_ctl reload or kill -HUP {pid}

ident sameuser for host connections really isn't recommend nor is
terribly secure, in general.  Over localhost is better, but using local
is infinitely better, imo.

    Stephen

Attachment

signature.asc

pgsql-general by date:

From: Andrew Bailey
Date: 15 October 2009, 13:25:09
Subject: Re: Too easy to log in as the "postgres" user?

From: Tom Lane
Date: 15 October 2009, 14:41:59
Subject: Re: Can't find documentation for ~=~ operator

Re: Too easy to log in as the "postgres" user? - Mailing list pgsql-general

Attachment

Previous

Next