Mike Withers wrote:
>
> My apologies if the answer(s) to my questions are obvious to others. I'm
> still quite new to Linux and PostgreSQL.
>
> I have set up a database to be used by hundreds of students. Within psql I
> set GRANT SELECT ON database TO PUBLIC on the database but have found that
> if I login as one of those students I can login as the database owner by
> using
>
> \connect database owner
>
> I then used:
>
> ALTER USER owner WITH PASSWORD 'password';
>
> the database confirmed a change had been made. I had hoped that by
> explicitly putting a password in for the owner that if I used the \connect
> .... then I would be required to put a password in to connect as owner.
>
> Unfortunately not.
>
> Any suggestions as to how I might secure the database to SELECTS only.
> Curerently I have not invoked password authentication on the database
> itself. I'm currently using the default settings on pg_hba.conf and I'm
> wondering if the problem can be handled by altering this?
>
Perhaps this problem can be corrected by editing your
pg_hba.conf file...
and require identd or password authentication for the
127.0.0.1
or
your.local.machine.ip.address
;-)
HTH
Cheers,
John Clark
--
/) John Clark Naldoza y Lopez (\
/ ) Software Design Engineer III ( \
_( (_ _ Web-Application Development _) )_
(((\ \> /_> Cable Modem Network Management System <_\ </ /)))
(\\\\ \_/ / NEC Telecom Software Phils., Inc. \ \_/ ////)
\ / \ /
\ _/ phone: (+63 32) 233-9142 loc. 3113 \_ /
/ / cellphone: (+63 919) 399-4742 \ \
/ / email: njclark@ntsp.nec.co.jp \ \
"Intelligence is the ability to avoid doing work, yet getting the work
done"
--Linus Torvalds
