| From: | Tony Grant <tony(at)tgds(dot)net> |
|---|---|
| To: | James Hall <James(dot)Hall(at)RadioShack(dot)com> |
| Cc: | postgres list <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Pg_hba not using local setting |
| Date: | 2003-03-14 16:37:02 |
| Message-ID: | 1047659821.1718.9.camel@vaio |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, 2003-03-14 at 17:22, James Hall wrote:
> Running version 7.1, have the following entry in PG_HBA.CONF:
> ---
> Local all trust
> Host all 123.0.0.0 255.255.255.0
> password
> ---
>
> With that setting, anyone can login to the database [via our web based
> interface]
> WITHOUT a valid password. If I change local from trust to password then web
> based users have to enter their specific password to login to the database.
> But none of the backup scripts run because postgres needs a password.
>
> Is this a bug, or do I have a misunderstanding of the local use?
What is your web interface programmed in?
I have setup a tomcat user who can access the database. So only tomcat
and the postgres users can access the database. Users log into the
application, not the database in my case. I think that might be a better
security model.
Cheers
Tony Grant
--
www.tgds.net Library management software toolkit,
redhat linux on Sony Vaio C1XD,
Dreamweaver MX with Tomcat and PostgreSQL
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Sabino Mullane | 2003-03-14 16:37:09 | Online docs down again |
| Previous Message | James Hall | 2003-03-14 16:22:57 | Pg_hba not using local setting |