On Sat, 10 Mar 2012 20:51:58 +0530
c k <shreeseva.learning@gmail.com> wrote:
> It we can disable the TRUST mode then every user have to login with
> password and every fraud user have to know the password (at least) of
> the user. It is not the case that users from other departments share
> their passwords, but fraud users just bypasses the need to know the
> password.
Users that are able to change pg_hba.conf are most likely also able to
replace any binary at the system. Even you are right that the trust
option is a bit dangerous, but its not your root issue.
Cheers,
Frank
--
Frank Lanitz <frank@frank.uvena.de>