Thread: alter user

alter user

From
Wim Bertels
Date:
Ls,

any user can change his own password,
i haven't found a way of prohibiting this.
what about a general user (eg test/test), that is used by many people,
one of those people could use alter user (being connected as test/test) to
change the password, leaving the rest clueless..

suggestions to prevent this?, i need a general (readonly) user!

--
Wim Bertels

Re: alter user

From
"Scott Marlowe"
Date:

Instead of using a general purpose account, why not give everyone an account, then make them a member of a group, and give that group the access.

That way you can easily add / remove people from the group instead of trying to do it this way.

Otherwise, don't use a password, set the machine to use trust or ident or something like that where a password wouldn't matter.

-----Original Message-----
From: pgsql-admin-owner@postgresql.org on behalf of Wim Bertels
Sent: Thu 9/22/2005 6:13 PM
To: pgsql-admin@postgresql.org
Subject: [ADMIN] alter user

Ls,

any user can change his own password,
i haven't found a way of prohibiting this.
what about a general user (eg test/test), that is used by many people,
one of those people could use alter user (being connected as test/test) to
change the password, leaving the rest clueless..

suggestions to prevent this?, i need a general (readonly) user!

--
Wim Bertels


Re: alter user

From
Wim Bertels
Date:
On Friday 23 September 2005 01:51, Scott Marlowe sent smoke signals:
> Instead of using a general purpose account, why not give everyone an
> account, then make them a member of a group, and give that group the
> access.
>
> That way you can easily add / remove people from the group instead of
> trying to do it this way.

not an option, it's for scripting and testing purposes

>
> Otherwise, don't use a password, set the machine to use trust or ident or
> something like that where a password wouldn't matter.

although it is then a user/password known by a lot of people,
it is still better than no password

>
> -----Original Message-----
> From: pgsql-admin-owner@postgresql.org on behalf of Wim Bertels
> Sent: Thu 9/22/2005 6:13 PM
> To: pgsql-admin@postgresql.org
> Subject: [ADMIN] alter user
>
> Ls,
>
> any user can change his own password,
> i haven't found a way of prohibiting this.
> what about a general user (eg test/test), that is used by many people,
> one of those people could use alter user (being connected as test/test) to
> change the password, leaving the rest clueless..
>
> suggestions to prevent this?, i need a general (readonly) user!

--
Wim Bertels

Re: alter user

From
Bruno Wolff III
Date:
On Fri, Sep 23, 2005 at 01:13:37 +0200,
  Wim Bertels <wim.bertels@khleuven.be> wrote:
> Ls,
>
> any user can change his own password,
> i haven't found a way of prohibiting this.
> what about a general user (eg test/test), that is used by many people,
> one of those people could use alter user (being connected as test/test) to
> change the password, leaving the rest clueless..
>
> suggestions to prevent this?, i need a general (readonly) user!

Tell people not to do this.
Use ident authentication.
Give each person their own postgres account.

Re: alter user

From
Bruno Wolff III
Date:
On Fri, Sep 23, 2005 at 02:32:51 +0200,
  Wim Bertels <wim.bertels@khleuven.be> wrote:
> >
> > Otherwise, don't use a password, set the machine to use trust or ident or
> > something like that where a password wouldn't matter.
>
> although it is then a user/password known by a lot of people,
> it is still better than no password

Why do you say that? Ident authentication is secure if you are on the same
box as the postgres server.

Re: alter user

From
Tom Lane
Date:
Bruno Wolff III <bruno@wolff.to> writes:
> Why do you say that? Ident authentication is secure if you are on the same
> box as the postgres server.

The real question is this: given that you don't believe in a personal
password as authorization to use the database, what exactly *would* you
like to believe in?  We have a number of possible solutions available,
but I don't know what to recommend ...

            regards, tom lane

Re: alter user

From
Scott Marlowe
Date:
On Thu, 2005-09-22 at 19:32, Wim Bertels wrote:
> On Friday 23 September 2005 01:51, Scott Marlowe sent smoke signals:
> > Instead of using a general purpose account, why not give everyone an
> > account, then make them a member of a group, and give that group the
> > access.
> >
> > That way you can easily add / remove people from the group instead of
> > trying to do it this way.
>
> not an option, it's for scripting and testing purposes

I don't see why my method(s) excludes scripting and testing.

> >
> > Otherwise, don't use a password, set the machine to use trust or ident or
> > something like that where a password wouldn't matter.
>
> although it is then a user/password known by a lot of people,
> it is still better than no password

No, it really isn't.  Once everyone (or a large enough subset of
everyone) knows the password, it's no better than an account that can
log in without one.

If it's a generic read only account with the same name as the database,
give it select only permission, and add a line like this:

host  sameuser  all   10.1.1.1         255.255.255.0     trust

where the 10.1.1.1 / 255.255.255.0 are replaced with the appropriate
mask to let your test machines log in.  Put the host / md5 lines after
this one for the same line but with all in place of sameuser and you're
gold.