Thread: Authentication once again...

Authentication once again...

From
"Guennadi V. Liakhovetski"
Date:
Dear all

I've just started using postgreSQL (on a network of SUNs) and immediately
have run into the 'famous' (as it appears from this mail-list
archive) authentication problem. And the question is quite simple (I wish
the answer was...): Can one make postgreSQL work in the following way:

If somebody attempts to access a database under a database username, which
coincides with the UNIX username of that person - trust him.

If somebody attempts to access a database under a database username
different from his/her UNIX username - ask for a password.

So far I find 'trust-mode' behaviour very cumbersome and insecure - once
you are logged into a machine, which has a 'trust' line in the
pg_hba.conf, you may access any databases (allowed for this machine) under
ANY database username WITHOUT passwords! I.e., say, you know, there is a
user john, you can type 'psql -u <basename>' then at a prompt
'Username: john', 'Password: blablabla' - and here you are!

Any ideas? Sorry for a long message
Regards
Guennadi
___

Dr. Guennadi V. Liakhovetski
Sheffield Centre for Earth Observation Science
Department of Applied Mathematics
University of Sheffield
Hicks Building, Hounsfield Road
Sheffield S3 7RH
phone: +44-(0)114-222-3798
fax:   +44-(0)114-222-3739
email: G.Liakhovetski@sheffield.ac.uk