Matt Sullivan <matt(at)sullivan(dot)gen(dot)nz> writes:

> Essentially, in our environment, we require password authentication as
> a de facto. However it appears that once a user has authenticated with
> the backend it is possible for that user to trivially assume root dba
> privileges or privileges of any other dba user.

It appears that psql will auto-supply the previously entered password,
so if you were using the same password for all your accounts then this
might happen. Otherwise it's pretty hard to believe. That new
connection is to a new backend; there's no way for it to know that you
were previously connected.

Offhand I think it would be a good idea for psql to insist on a new
password if the \connect command gives a new user name...

regards, tom lane
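The behaviour discussed in this message, as an added toy model that is not psql's or PostgreSQL's own code: a client that caches the last password it was given and re-presents it on \connect, talking to a backend that authenticates every new connection from scratch. The account names, passwords and the `prompt` callback are constructed for the example. It shows that password reuse only "assumes" another account when both accounts share the same password, and that the proposed fix (demand a fresh password whenever the user name changes) forces a prompt regardless.

```python
"""Toy model of psql's \\connect credential reuse (added example, not psql code)."""
from dataclasses import dataclass, field
import hashlib
import hmac
from typing import Callable, Dict, Optional, Tuple


def _hash(password: str) -> bytes:
    # Constructed stand-in for whatever the real backend stores; the point of
    # the example is the reuse logic, not the hashing scheme.
    return hashlib.sha256(password.encode()).digest()


@dataclass
class Backend:
    """Each new connection authenticates independently: the backend knows
    nothing about an earlier session, so only the password presented for
    the account being opened matters."""
    accounts: Dict[str, bytes]

    def authenticate(self, user: str, password: Optional[str]) -> bool:
        if user not in self.accounts or password is None:
            return False
        return hmac.compare_digest(self.accounts[user], _hash(password))


@dataclass
class Client:
    """Model of a psql-like client. With require_new_password_on_user_change
    False it silently re-presents the cached password on \\connect (the
    behaviour described above); with it True it prompts whenever the user
    name differs from the current one (the proposed fix)."""
    backend: Backend
    prompt: Callable[[str], str]           # how the client asks for a password
    require_new_password_on_user_change: bool = False
    user: Optional[str] = None
    cached_password: Optional[str] = None
    prompts: int = field(default=0)

    def connect(self, user: str) -> bool:
        password = self.cached_password
        if password is None or (
            self.require_new_password_on_user_change and user != self.user
        ):
            password = self.prompt(user)
            self.prompts += 1
        ok = self.backend.authenticate(user, password)
        if ok:
            self.user = user
            self.cached_password = password
        return ok


def reuse_scenario(shared_password: bool, fixed_client: bool) -> Tuple[bool, int]:
    """Log in as 'alice', then \\connect as 'dba' knowing only alice's password.

    Returns (did the dba connection succeed, how many password prompts occurred).
    Account names and passwords are constructed for the example.
    """
    accounts = {
        "alice": _hash("alice-pw"),
        "dba": _hash("alice-pw" if shared_password else "dba-pw"),
    }
    client = Client(
        Backend(accounts),
        prompt=lambda _user: "alice-pw",   # the operator only knows alice's password
        require_new_password_on_user_change=fixed_client,
    )
    if not client.connect("alice"):
        raise RuntimeError("initial login should succeed")
    return client.connect("dba"), client.prompts


if __name__ == "__main__":
    for shared in (True, False):
        for fixed in (False, True):
            ok, n = reuse_scenario(shared, fixed)
            print(f"shared password={shared!s:5} fixed client={fixed!s:5} "
                  f"-> dba login {'OK' if ok else 'REFUSED'}, prompts={n}")
```

With the unfixed client the second connection never prompts, so the "privilege escalation" succeeds exactly when the two accounts share a password and fails otherwise; with the fix a new user name always costs a prompt, whether or not the passwords happen to match.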