RE: [GENERAL] Another access control query
От | Nicolas Huillard |
---|---|
Тема | RE: [GENERAL] Another access control query |
Дата | |
Msg-id | 01BF1670.32342690@toulouse обсуждение исходный текст |
Ответы |
RE: [GENERAL] Another access control query
|
Список | pgsql-general |
You can add a filename to the "password" keyword. Thsi filename contains the username/crypted password of the users you wantto be able to connect from the servip to the dbX. The lines in pg_hba looks like : host bd1 serverip1 netmask password password.username1 host bd2 serverip2 netmask password password.username2 You can create the "password.*" files using the pg_passwd command. This way, passwords are stored in files rather than in the pg_shadow table, and you cannot use the "crypt" authmode. It seems that ODBC access from remote workstations can't use the crypt authmode, so it is not a real problem. Can someonetell me if it's true ? Second problem : you must set the suer password in both the pg_shadow table (using psql), and the passwd.* files (using pg_passwd). Yours, Nicolas Huillard -----Message d'origine----- De: Mark Jewiss [SMTP:Mark.Jewiss@knowledge.com] Date: jeudi 14 octobre 1999 16:50 À: pgsql-general@postgreSQL.org Objet: [GENERAL] Another access control query Hello, Similar to other questions I've seen posed in the last day or so, apologies if this exact question has been asked, I don't think it has. I want to restrict access to a set of databases to connections from a specfic machine and a specific user. Lines in my pg_hba.conf file are similar to this: host db1 serverip netmask password Effectively what I want to do is have something like: host db1 username1 serverip netmask password host db2 username2 serverip netmask password thereby ensuring that it is not possible for user2 to connect to db1 from the same machine. I know I can set up the different db's so that table security only gives any access to the user I want, but that is fiddly. Being able to do the above and prevent connections to the database will resolve that issue. Any ideas? Regards, Mark. -- Mark Jewiss Knowledge Matters Limited http://www.knowledge.com ************
В списке pgsql-general по дате отправления: