Home > mailing lists

Re: How to deny user changing his own password? - Mailing list pgsql-general

From	Jan Wieck
Subject	Re: How to deny user changing his own password?
Date	May 29, 2003 15:47:30
Msg-id	3ED638F6.5060301@Yahoo.com Whole thread Raw
In response to	Re: How to deny user changing his own password? ("Trewern, Ben" <Ben.Trewern@mowlem.com>)
List	pgsql-general

Tree view

Trewern, Ben wrote:
> Now I think about this it would be useful:  I have an Access database
> which connects to postgres and the password is saved in the access
> frontend.  If someone (not sure how!) runs ALTER USER ..... WITH
> PASSWORD '....'; via the frontend they could disrupt the connection to
> the postgres backend.  I'm sure a similar situation could happen with
> PHP or similar as you often don't use the postgres security features to
> secure your application.

This is the second worst possible reason I can imagine for a feature
like this. Passwords coded into the frontend ... gosh!


Jan

--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me.                                  #
#================================================== JanWieck@Yahoo.com #

pgsql-general by date:

From: "Trewern, Ben"
Date: 29 May 2003, 15:34:09
Subject: Re: How to deny user changing his own password?

From: Network Administrator
Date: 29 May 2003, 16:03:52
Subject: Re: Blocking access to the database??

Re: How to deny user changing his own password? - Mailing list pgsql-general

Previous

Next