From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Richard Hayward <richard(at)tortoise(dot)demon(dot)co(dot)uk> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: prevent user change password? |
Date: | 2005-06-05 22:40:31 |
Message-ID: | 4495.1118011231@sss.pgh.pa.us |
Lists: | pgsql-general |
Richard Hayward <richard(at)tortoise(dot)demon(dot)co(dot)uk> writes:
> On Wed, 01 Jun 2005 11:39:22 -0400, tgl(at)sss(dot)pgh(dot)pa(dot)us (Tom Lane)
> wrote:
>> Perhaps you should use something other than password authentication
>> for the guest account.
> I want anyone from anywhere to be able to connect to my_database (only
> my_database, not others in the cluster) using the guest account. The
> system is to be live on the Internet.
> Putting:
> host my_database guest 0.0.0.0 0.0.0.0 trust
> ahead of other entries in pg_hba.conf seems to do the trick. Even if
> guest is given a password, or it gets changed, guest can connect
> without being asked for it.
> The guest account will only be allowed select permissions.
> Does this open me to being attacked? I assume guest could then query
> various system tables, but that other users' passwords are either not
> visible or securely encrypted.
I'd be inclined to use a postmaster dedicated *only* to that purpose,
running under a Unix userid also dedicated to that purpose. We do come
across security holes from time to time ...
regards, tom lane
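
Added example, not part of the original message and not PostgreSQL project code: a Python check that finds `pg_hba.conf` rules like the quoted guest entry (method `trust`, every client address) and reports which rule is matched first for a given connection. The function names and the sample file are constructed for illustration; the parser assumes numeric addresses in CIDR or address-plus-mask form and plain database and user names (no keywords such as `samehost`, no comma lists, no quoting).

```python
import ipaddress

# Constructed sample: the guest rule quoted in the message, then stricter rules.
SAMPLE_HBA = """\
# TYPE  DATABASE     USER   ADDRESS / MASK     METHOD
host    my_database  guest  0.0.0.0 0.0.0.0    trust
host    all          all    192.168.1.0/24     md5
local   all          all                       md5
"""

def parse_hba(text):
    """Yield (lineno, type, database, user, network, method) for each rule."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        conn_type, database, user, rest = fields[0], fields[1], fields[2], fields[3:]
        network = None
        if conn_type != "local":
            if "/" in rest[0]:   # CIDR form: 192.168.1.0/24
                spec, rest = rest[0], rest[1:]
            else:                # address + mask form: 0.0.0.0 0.0.0.0
                spec, rest = f"{rest[0]}/{rest[1]}", rest[2:]
            network = ipaddress.ip_network(spec, strict=False)
        yield lineno, conn_type, database, user, network, rest[0]

def open_trust_rules(text):
    """Rules that admit every client address with no authentication at all."""
    return [(lineno, db, usr)
            for lineno, _, db, usr, net, method in parse_hba(text)
            if method == "trust" and net is not None and net.prefixlen == 0]

def first_match(text, database, user, client_ip):
    """Return (lineno, method) of the first rule matching a TCP connection."""
    ip = ipaddress.ip_address(client_ip)
    for lineno, conn_type, db, usr, net, method in parse_hba(text):
        if conn_type == "local" or net.version != ip.version:
            continue
        if db in ("all", database) and usr in ("all", user) and ip in net:
            return lineno, method
    return None  # no rule matched: the connection is rejected

if __name__ == "__main__":
    print(open_trust_rules(SAMPLE_HBA))
    print(first_match(SAMPLE_HBA, "my_database", "guest", "203.0.113.7"))
```

Run against a real `pg_hba.conf`, a non-empty result from `open_trust_rules` marks the entries that expose the server to unauthenticated connections from any address, which is the situation where a dedicated postmaster and Unix userid limit the damage.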