Re: Changing Passwords as Encrypted not Clear-Text
| От | Guillaume Lelarge |
|---|---|
| Тема | Re: Changing Passwords as Encrypted not Clear-Text |
| Дата | |
| Msg-id | 1324309528.29079.23.camel@localhost.localdomain обсуждение исходный текст |
| Ответ на | Re: Changing Passwords as Encrypted not Clear-Text (MURAT KOÇ <m.koc21@gmail.com>) |
| Список | pgsql-general |
On Mon, 2011-12-19 at 17:19 +0200, MURAT KOÇ wrote: > Thanks for reply. But it's not suitable to trust the people who have > access to the logs. > > Think, I changed my DB password and other DBA colleague who has access > to the PostgreSQL logs has seen my DB password. He started to use my > DB password instead of his password. > > He executed all DDL and DML statements with my DB account. In fact, I > did nothing but because of this gap I did all things. > > Is it a trustable situation ? How will we identify who is guilty he or > me? > Do they have access to the pg_hba.conf file? because if they have, you have no chance to stop them from connecting to the database with your user account and without any need to know your password. -- Guillaume http://blog.guillaume.lelarge.info http://www.dalibo.com PostgreSQL Sessions #3: http://www.postgresql-sessions.org
В списке pgsql-general по дате отправления: