| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Tamsin" <tg_mail(at)bryncadfan(dot)co(dot)uk> |
| Cc: | "Postgres General" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: pg_hba.conf |
| Date: | 2000-10-09 21:58:49 |
| Message-ID: | 7399.971128729@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
"Tamsin" <tg_mail(at)bryncadfan(dot)co(dot)uk> writes:
> I'm trying to sort out security on my db, configuring pg_hba.conf etc. I
> just wanted to check that this in't possible - I want my postgres linux user
> to be able to connect to the database without a password, but I don't want
> other users logged on to the linux box to be able to connect as postgres
> i.e. by going psql dbname postgres.
I should think 'ident' authentication would get the job done, assuming
that your box is running identd. Of course identd is only as
trustworthy as the machine's admin, but if you don't trust root on your
server then password security is academic anyway. I wouldn't recommend
allowing ident auth for logins from untrusted machines, natch.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2000-10-09 22:23:34 | Re: persistent db connections/resiliency |
| Previous Message | Ned Lilly | 2000-10-09 21:51:03 | object features in Oracle 8/9 |