Home > mailing lists

Re: psql and security - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: psql and security
Date	September 21, 2001 13:46:53
Msg-id	28109.1001082998@sss.pgh.pa.us Whole thread Raw
In response to	Re: psql and security (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: psql and security (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-hackers

Tree view

Peter Eisentraut <peter_e@gmx.net> writes:
> concluding that this password is valid for all databases is trivial since
> that's the default setup.

No, I think you're missing the point --- we're concerned about
reconnecting as a different user, not reconnecting to a different
database.  The issue is that psql will silently try to use user A's
password to authenticate as user B.  While one would hope that this
fails, it doesn't seem like a good idea even to try it.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 21 September 2001, 13:29:52
Subject: Re: psql and security

From: Tom Lane
Date: 21 September 2001, 13:47:07
Subject: Re: cvsup trouble

Re: psql and security - Mailing list pgsql-hackers

Previous

Next