Search Postgresql Archives

Re: Securing Postgres

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Oct 05, 2005 at 05:27:22PM +0200, L van der Walt wrote:
> I have played now with MySQL and with MySQL you can change the password 
> for root in MySQL (same as postgres in PostgreSQL).  If you use the 
> command line tools like dump you require the password.  Just because 
> your root doesn't mean your root in MySQL

If you think that protects your data, I have a bridge to sell you. All
I would need to do would be to download the MySQL source, delete the
password check, compile and I can see all the data.

> Can one separate the user postgres in PostgreSQL from the user postgres 
> in Linux(The OS)?

Sure, delete the entries from pg_hba.conf. Like so:

root@vali:~# su - postgres 
postgres@vali:~$ psql test
psql: FATAL:  no pg_hba.conf entry for host "[local]", user "postgres", database "test", SSL off

See, can't get in. Ofcourse, your "rogue" administrators would simply
add themselves to the config file and they're in. They're root you
see...
-- 
Martijn van Oosterhout   <kleptog@xxxxxxxxx>   http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.

Attachment: pgp0J2iixaqYQ.pgp
Description: PGP signature


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux