If I change the challange method to md5, I have to know the passwd.
So, are you saying that it is good practice to leave local connections
as trust? This doesn't seem right to me. I either have to set the
pw or leave it as trust. Maybe you are supposed to leave postgresql
db account alone and create an alternate. I just haven't found where
the best practices are discussed.
Is there a security document that discusses these items and other
security best practices?
On Wed, Oct 04, 2006 at 03:27:10PM -0700, Richard Broersma Jr wrote:
> > What is the default pw for the postgresql db account?
> > Is it a correct management practice to change this pw?
> >
> > template1=# select * from pg_user;
> > usename | usesysid | usecreatedb | usesuper | usecatupd | passwd | valuntil | useconfig
> > ------------+----------+-------------+----------+-----------+----------+----------+-----------
> > postgresql | 10 | t | t | t | ******** | |
>
> My understanding is that the "postgres" account both OS and DB do not have a password.
>
> On a *nix OS, postgres can only be su - from a privileged root account. This way it can not be
> directly logged into. This is supposed to be more secure, since you only have to worry about your
> root password being cracked.
>
> Regards,
>
> Richard Broersma Jr.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: don't forget to increase your free space map settings