| From: | "A(dot) Kretschmer" <andreas(dot)kretschmer(at)schollglas(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Too easy to log in as the "postgres" user? |
| Date: | 2009-10-15 10:48:02 |
| Message-ID: | 20091015104802.GA19172@a-kretschmer.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
In response to Thom Brown :
> I've noticed that if I just log in to my server, I don't su to root,
> or become the postgres user, I can get straight into the database as
> the postgres user merely with "psql -U postgres -h localhost". My
> user account isn't a member of the postgres group.
>
> It appears I've not applied my security settings correctly. What can
> I do to prevent access this way? I'd still want to be able to su to
> the postgres user and log in that way, but not with the -U parameter
> allowing access.
>
> The pg_hba.conf is probably relevant here, so this is the setup:
>
> # TYPE DATABASE USER CIDR-ADDRESS METHOD
>
> # "local" is for Unix domain socket connections only
> local all all trust
> # IPv4 local connections:
> host all all 127.0.0.1/32 trust
> # IPv6 local connections:
> host all all ::1/128 trust
Try to change trust to sameuser.
Andreas
--
Andreas Kretschmer
Kontakt: Heynitz: 035242/47150, D1: 0160/7141639 (mehr: -> Header)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Glyn Astill | 2009-10-15 10:51:22 | Re: Too easy to log in as the "postgres" user? |
| Previous Message | Albe Laurenz | 2009-10-15 10:40:43 | Re: how to Export ALL plpgsql functions/triggers to file |