From: | The Hermit Hacker <scrappy(at)hub(dot)org> |
---|---|
To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: CREATE DATABASE WITH OWNER '??'; |
Date: | 2000-05-10 11:47:58 |
Message-ID: | Pine.BSF.4.21.0005100845270.777-100000@thelab.hub.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Wed, 10 May 2000, Peter Eisentraut wrote:
> On Tue, 9 May 2000, Tom Lane wrote:
>
> > > 1) You have a bootstrapping problem, because how are you going to set
> > > these privileges if you can't connect?
> >
> > Presumably the database superuser can connect to anything anytime, and
> > I'd also expect a newly-minted database to be preconfigured to let its
> > owner in.
>
> Let's say your database is password protected (as was Marc's original
> setup). Somebody connects. There's no password set up for him (because
> he didn't have access to modify pg_hba.conf). What do you do? Leave
> him through anyway to check whether he's a superuser or database
> owner? How do you know *who* he is at all without doing a password
> check?
Huh? Since when are passwords setup in pg_hba.conf? If a database has
password set, and user doesn't have password to make the initial connect,
they should be refused at the postmaster end of things, and never get to
the backend. If they have a passwd and its right, then they should get
into the backend, where the first check is to see if they are allowed to
access the database itself ...
Marc G. Fournier ICQ#7615664 IRC Nick: Scrappy
Systems Administrator @ hub.org
primary: scrappy(at)hub(dot)org secondary: scrappy(at){freebsd|postgresql}.org
From | Date | Subject | |
---|---|---|---|
Next Message | The Hermit Hacker | 2000-05-10 11:49:09 | Re: CREATE DATABASE WITH OWNER '??'; |
Previous Message | Vince Vielhaber | 2000-05-10 11:19:57 | Re: MD5 |