Authentication once again... - Mailing list pgsql-admin

From Guennadi V. Liakhovetski
Subject Authentication once again...
Date
Msg-id Pine.GSO.4.21.0004201002180.22454-100000@acms11
Whole thread Raw
List pgsql-admin
Dear all

I've just started using postgreSQL (on a network of SUNs) and immediately
have run into the 'famous' (as it appears from this mail-list
archive) authentication problem. And the question is quite simple (I wish
the answer was...): Can one make postgreSQL work in the following way:

If somebody attempts to access a database under a database username, which
coincides with the UNIX username of that person - trust him.

If somebody attempts to access a database under a database username
different from his/her UNIX username - ask for a password.

So far I find 'trust-mode' behaviour very cumbersome and insecure - once
you are logged into a machine, which has a 'trust' line in the
pg_hba.conf, you may access any databases (allowed for this machine) under
ANY database username WITHOUT passwords! I.e., say, you know, there is a
user john, you can type 'psql -u <basename>' then at a prompt
'Username: john', 'Password: blablabla' - and here you are!

Any ideas? Sorry for a long message
Regards
Guennadi
___

Dr. Guennadi V. Liakhovetski
Sheffield Centre for Earth Observation Science
Department of Applied Mathematics
University of Sheffield
Hicks Building, Hounsfield Road
Sheffield S3 7RH
phone: +44-(0)114-222-3798
fax:   +44-(0)114-222-3739
email: G.Liakhovetski@sheffield.ac.uk



pgsql-admin by date:

Previous
From: Laqtib Slam
Date:
Subject: ERROR: cannot write block
Next
From: Loïc TREGOUËT
Date:
Subject: oreilly