Re: Disable TRUST authentication mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 10.03.2012 16:21, schrieb c k:
It we can disable the TRUST mode then every user have to login with
password and every fraud user have to know the password (at least) of
the user. It is not the case that users from other departments share
their passwords, but fraud users just bypasses the need to know the
password.

If they can alter pg_hba.conf they can almost certainly also change/add users, alter passwords, etc, etc... So from a security perspective it doesn't buy you much.

I don't know if you could build a custom postgresql from sources with trust disabled. But it wouldn't be worth the trouble imo.

Jan


--
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux