| From: | shing dong <s7eqs7eq(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | How to confirm the pg_hba.conf service is correctly working |
| Date: | 2021-12-21 09:18:22 |
| Message-ID: | CAEJor113xtxBOECGu4cyGLrn0vf1qgAw6tAfx9LJSaMdWY-qRA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hello all
A while ago, our company had an Postgres DB that was Hacked login db to
modify data
found that pg_hba.conf is not work
Any ip, user can log in to DB
1. The rules in pg_hba.conf are almost invalid
2. pg_hba.conf is only useful for METHOD = trust
3. check SHOW hba_file; the file location is correct
4. select * from pg_hba_file_rules; checked is correct
5.DB version : PostgreSQL 10.19 on x86_64-pc-linux-gnu, compiled by gcc
(GCC) 4.8.5 20150623 (Red Hat 4.8.5-44), 64-bit
Even if you delete the text in pg_hba.conf
Keep only
host VJ VJ_USER 10.10.10.1/32 md5
After pg_ctl reload and Restart DB , any ip, user still can log in to DB
Please help how to check whether the pg_hba.conf service is defective
If you need any information, I will provide it
Thanks
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2021-12-21 14:42:46 | Re: How to confirm the pg_hba.conf service is correctly working |
| Previous Message | Ron | 2021-12-21 06:35:30 | Re: Sorting difference in version 10 vs 13 |