Thread: Problem with security
Maybe this is an easy one but,
I've created a user called 'ebstrack' and they own a database called 'ebs_dd'.
When I'm on a different server than the database server, and I do this at a unix prompt:
$> psql ebs_dd -U ebstrack --host=archer
It logs me in without a password, and I am able to SELECT off the tables.
Any idea on how to prevent this?
Thanks!
Troy Campano
[:==> Troy Campano <==:]
Database (Request Manager/web/database)
http://intranet:3000/infosys/infra/software/database/dbapp/
http://intranet2/reqman/
Microsoft gave you Windows, UNIX the whole house.
Problem with securitypg_hba.conf in the database directory has the login permissions. Sounds like you have "trust" permissions, and you want "password". Should be pretty self-explanatory once you open that file. Greg ----- Original Message ----- From: Troy.Campano@LibertyMutual.com To: pgsql-general@postgresql.org Sent: Monday, December 03, 2001 1:26 PM Subject: [GENERAL] Problem with security Maybe this is an easy one but, I've created a user called 'ebstrack' and they own a database called 'ebs_dd'. When I'm on a different server than the database server, and I do this at a unix prompt: $> psql ebs_dd -U ebstrack --host=archer It logs me in without a password, and I am able to SELECT off the tables. Any idea on how to prevent this? Thanks! Troy Campano [:==> Troy Campano <==:] Database (Request Manager/web/database) http://intranet:3000/infosys/infra/software/database/dbapp/ http://intranet2/reqman/ Microsoft gave you Windows, UNIX the whole house.
On Mon, 3 Dec 2001 Troy.Campano@LibertyMutual.com wrote: > Maybe this is an easy one but, > I've created a user called 'ebstrack' and they own a database called > 'ebs_dd'. > > When I'm on a different server than the database server, and I do this at a > unix prompt: > > $> psql ebs_dd -U ebstrack --host=archer > > It logs me in without a password, and I am able to SELECT off the tables. What's in your pg_hba.conf?