Home > mailing lists

Re: "trust" authentication in pg_hba.conf - Mailing list pgsql-general

From	Stephen Frost
Subject	Re: "trust" authentication in pg_hba.conf
Date	November 25, 2015 16:42:38
Msg-id	20151125134234.GW3685@tamriel.snowman.net Whole thread Raw
In response to	"trust" authentication in pg_hba.conf (Chris Withers <chris@simplistix.co.uk>)
List	pgsql-general

Tree view

* Chris Withers (chris@simplistix.co.uk) wrote:
> What's the default contents of pg_hba.conf that postgres ships with?

The PG community provides both source code, which is expected to be used
by developers and is therefore wide open, and binary packages, which are
expected to be used by end users and therefore has sensible defaults for
authentication (mainly 'peer').

> I've been to it contains 'trust' for all local connections.
> Is this wise? Anyone who can get a shell on your database server can
> connect to any database as any user?

It is not wise to run with 'trust' in a non-development environment.

Thanks!

Stephen

Attachment

signature.asc

pgsql-general by date:

From: Stephen Frost
Date: 25 November 2015, 16:40:29
Subject: Re: Can row level security policies also be implemented for views?

From: NTPT
Date: 25 November 2015, 16:56:44
Subject: RE: [GENERAL] Query failed: ERROR: character with byte sequence 0xc2 0x96 in encoding "UTF8" has no equivalent in encoding "WIN1250"

Re: "trust" authentication in pg_hba.conf - Mailing list pgsql-general

Attachment

Previous

Next