On Tue, 22 Oct 2002, Igor Georgiev wrote: > > > edit *pg_hba.conf * > > > # Allow any user on the local system to connect to any > > > # database under any username, but only via an IP connection: > > > host all 127.0.0.1 255.255.255.255 trust > > > # The same, over Unix-socket connections: > > > local all trust > > what about reading pg_hba.conf comments? > > local all md5 > > > > Ok, but my question actually isn't about pg_hba.conf comments, i read enough > but what will stop root from adding this lines or doing su - postgres ??
Not much really. But given that they have access to the raw data files, preventing them access to the server doesn't gain you that much if they really want to get the data. ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html
