> Iván Baldo (ivan.baldo@pilasnet.com) reports a bug with a severity of 2
> I wanted to add passwords to all the users on the database, including
> the postgres user, etc. Then everything is authenticated using "crypt"
> method, so it asks passwords EVERYTIME. The problem I found is that I
> cannot do a "pg_dumpall" anymore, since I have no way to tell it to
> use the "postgres" user with a given password.
This is a known problem. You could try to patch pg_dumpall to pass the -u
option every time it calls pg_dump and psql.
> It tries to use the
> user "root" without password and it fails miserably! What happens if a
> hacker (or worst, a cracker!) enters to the machine somehow and I
> don't ask passwords for unix domain sockets?
Try changing the permissions on the socket file (chmod).
--
Peter Eisentraut peter_e@gmx.net http://yi.org/peter-e/
