Thread: Any password'll do!

Any password'll do!

From
"Simon Hart"
Date:
Hi,
 
I'm running postgresql 7.2 on a RedHat 8 linux box. Using pgadmin2 version 1.4.9 to access. Worryingly I can successfully access using a valid account with ANY password. I do have passwords configured on the user accounts. Am I missing something?
 
Simon Hart

Re: Any password'll do!

From
"Dave Page"
Date:
Hi Simon,
 
It sounds like the pg_hba.conf file on your server is set to trust any connections from your host. For reference, pgAdmin doesn't bypass any PostgreSQL security, so any issues will definately be at that end (and pg7.2 is certainly not that broken!).
 
Regards, Dave. 
-----Original Message-----
From: Simon Hart [mailto:simon.hart@totalise.co.uk]
Sent: 20 March 2003 16:28
To: pgadmin-support@postgresql.org
Subject: [pgadmin-support] Any password'll do!

Hi,
 
I'm running postgresql 7.2 on a RedHat 8 linux box. Using pgadmin2 version 1.4.9 to access. Worryingly I can successfully access using a valid account with ANY password. I do have passwords configured on the user accounts. Am I missing something?
 
Simon Hart

Re: Any password'll do!

From
"Simon Hart"
Date:
Dave,
 
Yep thats the problem - just checked the pg_hba.conf.
 
Many thanks,
----- Original Message -----
From: Dave Page
Sent: Thursday, March 20, 2003 5:11 PM
Subject: RE: [pgadmin-support] Any password'll do!

Hi Simon,
 
It sounds like the pg_hba.conf file on your server is set to trust any connections from your host. For reference, pgAdmin doesn't bypass any PostgreSQL security, so any issues will definately be at that end (and pg7.2 is certainly not that broken!).
 
Regards, Dave. 
-----Original Message-----
From: Simon Hart [mailto:simon.hart@totalise.co.uk]
Sent: 20 March 2003 16:28
To: pgadmin-support@postgresql.org
Subject: [pgadmin-support] Any password'll do!

Hi,
 
I'm running postgresql 7.2 on a RedHat 8 linux box. Using pgadmin2 version 1.4.9 to access. Worryingly I can successfully access using a valid account with ANY password. I do have passwords configured on the user accounts. Am I missing something?
 
Simon Hart