From: | Ray Stell <stellr(at)cns(dot)vt(dot)edu> |
---|---|
To: | Richard Broersma Jr <rabroersma(at)yahoo(dot)com> |
Cc: | pgsql-novice(at)postgresql(dot)org |
Subject: | Re: postgresql db account |
Date: | 2006-10-05 11:47:17 |
Message-ID: | 20061005114717.GA16474@cns.vt.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-novice |
If I change the challange method to md5, I have to know the passwd.
So, are you saying that it is good practice to leave local connections
as trust? This doesn't seem right to me. I either have to set the
pw or leave it as trust. Maybe you are supposed to leave postgresql
db account alone and create an alternate. I just haven't found where
the best practices are discussed.
Is there a security document that discusses these items and other
security best practices?
On Wed, Oct 04, 2006 at 03:27:10PM -0700, Richard Broersma Jr wrote:
> > What is the default pw for the postgresql db account?
> > Is it a correct management practice to change this pw?
> >
> > template1=# select * from pg_user;
> > usename | usesysid | usecreatedb | usesuper | usecatupd | passwd | valuntil | useconfig
> > ------------+----------+-------------+----------+-----------+----------+----------+-----------
> > postgresql | 10 | t | t | t | ******** | |
>
> My understanding is that the "postgres" account both OS and DB do not have a password.
>
> On a *nix OS, postgres can only be su - from a privileged root account. This way it can not be
> directly logged into. This is supposed to be more secure, since you only have to worry about your
> root password being cracked.
>
> Regards,
>
> Richard Broersma Jr.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: don't forget to increase your free space map settings
From | Date | Subject | |
---|---|---|---|
Next Message | Sean Davis | 2006-10-05 12:06:06 | Re: postgresql db account |
Previous Message | Sean Davis | 2006-10-05 11:14:34 | Re: postgresql db account |