Re: Problems with user-level security
| От | Peter Eisentraut |
|---|---|
| Тема | Re: Problems with user-level security |
| Дата | |
| Msg-id | Pine.LNX.4.30.0111072053310.835-100000@peter.localdomain обсуждение исходный текст |
| Ответ на | Problems with user-level security (Nick Sayer <nsayer@quack.kfu.com>) |
| Список | pgsql-admin |
Nick Sayer writes: > On the one hand, I need > > local sameuser password > > because I have untrusted users who should only have access to their own > databases. > > On the other hand, I do a nightly pg_dumpall as part of the backups so that > I don't have to dump the actual database working areas. For that to work, I > need to say > > local all password > > so that my backup script will work. If you are only concerned about local access then you should consider using 'ident' authentication. In 7.1 this only works for TCP/IP connections (so you have to go through 'localhost'), but in 7.2 it will also work with local connections. Another possibility is to use 'local sameuser trust' and set a filesystem permission on the socket. (See unix_socket_* parameters in postgresql.conf.) In 7.2 we'll also have PAM, so you'll be able to do whatever you want. -- Peter Eisentraut peter_e@gmx.net
В списке pgsql-admin по дате отправления: