On Wed, Oct 05, 2005 at 05:27:22PM +0200, L van der Walt wrote: > I have played now with MySQL and with MySQL you can change the password > for root in MySQL (same as postgres in PostgreSQL). If you use the > command line tools like dump you require the password. Just because > your root doesn't mean your root in MySQL If you think that protects your data, I have a bridge to sell you. All I would need to do would be to download the MySQL source, delete the password check, compile and I can see all the data. > Can one separate the user postgres in PostgreSQL from the user postgres > in Linux(The OS)? Sure, delete the entries from pg_hba.conf. Like so: root@vali:~# su - postgres postgres@vali:~$ psql test psql: FATAL: no pg_hba.conf entry for host "[local]", user "postgres", database "test", SSL off See, can't get in. Ofcourse, your "rogue" administrators would simply add themselves to the config file and they're in. They're root you see... -- Martijn van Oosterhout <kleptog@xxxxxxxxx> http://svana.org/kleptog/ > Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a > tool for doing 5% of the work and then sitting around waiting for someone > else to do the other 95% so you can sue them.
Attachment:
pgp0J2iixaqYQ.pgp
Description: PGP signature