Home > mailing lists

Re: Weak passwords and brute force attacks - Mailing list pgsql-hackers

From	Andrew Dunstan
Subject	Re: Weak passwords and brute force attacks
Date	December 5, 2006 17:53:17
Msg-id	4575BFFE.2020905@dunslane.net Whole thread Raw
In response to	Re: Weak passwords and brute force attacks (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

Stephen Frost wrote:
> PAM is simply not always an option, unless you want to figure out a way
> to use PAM modules without using /etc/passwd and company.  Currently the
> only way to use PAM w/ password-changing done in PG is to chown all the
> various files and whatnot over to being owned by Postgres, which is a royal
> pain and a very ugly mess.  I suppose another option would be to
> convince PG to run as root but that's not exactly an encouraged setup
> either.
>
>   

That assumes that you are using system auth. PAM+LDAP for example has no 
such problems.

cheers

andrew

pgsql-hackers by date:

From: Volkan YAZICI
Date: 05 December 2006, 17:42:50
Subject: Re: Preserving Cluster-Wise Data

From: "Simon Riggs"
Date: 05 December 2006, 18:53:45
Subject: Re: Configuring BLCKSZ and XLOGSEGSZ (in 8.3)

Re: Weak passwords and brute force attacks - Mailing list pgsql-hackers

Previous

Next