Home > mailing lists

Re: Security problem in psql frontends - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: Security problem in psql frontends
Date	November 13, 2000 13:41:33
Msg-id	9388.974129861@sss.pgh.pa.us Whole thread Raw
In response to	Security problem in psql frontends (pgsql-bugs@postgresql.org)
List	pgsql-bugs

Tree view

pgsql-bugs@postgresql.org writes:
> I can connect to the database with a valid username and with a false
> password. Why ?

No doubt it's because you've got pg_hba.conf set to "trust" ...
passwords aren't checked unless pg_hba.conf specifies a password-
based authentication mechanism.  See
http://www.postgresql.org/users-lounge/docs/7.0/postgres/security.htm

            regards, tom lane

pgsql-bugs by date:

From: "Erdei Csaba"
Date: 13 November 2000, 05:20:39
Subject: Csaba Erdei : Security problem in psql frontends

From: pgsql-bugs@postgresql.org
Date: 13 November 2000, 18:39:08
Subject: JDBC driver DatabaseMetaData.getTables() unconditionally lowercases tableName pattern

Re: Security problem in psql frontends - Mailing list pgsql-bugs

Previous

Next