Thread: basic security
| hello, I want to establish basic security for my pgsql database, which is on a commercial web server. In particular, I don't want people to be able to login from the internet as my superuser. If I ALTER USER my_superuser NOLOGIN, will that be sufficient? I've passworded that user, but I seem to be able to get access myself without providing the password. thanks, REH |
See pg_hba.conf. http://www.postgresql.org/docs/8.3/interactive/auth-pg-hba-conf.html Regards, Tim Bowden On Wed, 2008-11-05 at 09:34 -0800, Robert Hollingsworth wrote: > hello, > I want to establish basic security for my pgsql database, which is on > a commercial web server. In particular, I don't want people to be > able to login from the internet as my superuser. > > If I ALTER USER my_superuser NOLOGIN, will that be sufficient? I've > passworded that user, but I seem to be able to get access myself > without providing the password. > > thanks, > REH > -- Experience is that marvelous thing that enables you recognize a mistake when you make it again.