Quick Links

Re: how to keep/lock/ hide pg_hba.conf ?

From:	Peter Eisentraut <peter_e(at)gmx(dot)net>
To:	"john(dot)cheng" <neoart(dot)hinet(at)msa(dot)hinet(dot)net>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: how to keep/lock/ hide pg_hba.conf ?
Date:	2011-04-11 19:23:07
Message-ID:	1302549787.22447.1.camel@vanquo.pezone.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On mån, 2011-04-11 at 07:35 -0700, john.cheng wrote:
> I found that,if user modified the pg_hba.conf, modified the
> "METHOD"field from md5 to "password" then,user can find out the
> password by some the TCP/IP peep tool

Don't do that then.

Are you concerned that your users would do this? Well, if you install
software on their machine, they can do whatever they want with it.
That's not an easy issue to solve.

In response to

how to keep/lock/ hide pg_hba.conf ? at 2011-04-11 14:35:21 from john.cheng

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Pavel Stehule	2011-04-11 19:34:55	Re: Global variables in plpgsql
Previous Message	Jaime Casanova	2011-04-11 19:21:33	Re: how to keep/lock/ hide pg_hba.conf ?