On Tue, Sep 16, 2008 at 1:26 AM, H D Moore <[EMAIL PROTECTED]> wrote:
> On Monday 15 September 2008, H D Moore wrote:
> > For now, I am just fixing the drop table for notes, if you have a
> > strong reason for removing all of the drop table calls, let me know.
> > Not removing them causes subsequent db_create calls with the same name
> > to reuse the old tables, which is probably not what people expect.
>
> I see the reason for removing the drop table lines -- you call dropdb
> instead. This patch also changes the default user to 'postgres' when one
> is not specified, while this works for BackTrack, it causes problems when
> people run MSF as a normal user account and expect db_create to work
> without arguments with a postgres instance they just started (it will
> fail because the owner is their uid, not postgres). I am removing the
> default-to-postgres behavior from the patch, because even though it helps
> BackTrack users, it makes it more difficult to use for everyone else
> (BackTrack users can just specify the postgres user on the command line).
>

Here I have some more suggestions...

PostgreSQL from source has a default entry like this in pg_hba.conf[1]:

(...)
# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD

# "local" is for Unix domain socket connections only
local   all         all                               trust
# IPv4 local connections:
host    all         all         127.0.0.1/32          trust
# IPv6 local connections:
host    all         all         ::1/128               trust

which permits login of the superuser "postgres" over local connections
without a password. I think people from BackTrack devel keep postgres at
its default.

If people install PostgreSQL from distribution packages, they get a
pg_hba.conf like this (Debian way):

# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD

# "local" is for Unix domain socket connections only
local   all         all                               ident sameuser
# IPv4 local connections:
host    all         all         127.0.0.1/32          md5
# IPv6 local connections:
host    all         all         ::1/128               md5

which uses ident-based authentication[1]. In my view it is not a simple
method, and all the people that I know don't use it... (this is my point).

I don't know about pg_hba.conf from other distros. When I arrive home I
will update svn and do more tests.

> -HD
> _______________________________________________
> Framework-Hackers mailing list
> Framework-Hackers@spool.metasploit.com
> http://spool.metasploit.com/mailman/listinfo/framework-hackers
>

References:
1 - http://www.postgresql.org/docs/8.3/interactive/auth-pg-hba-conf.html
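The difference the message describes, as an added example that is not part of the original post or of Metasploit's code: a Ruby check that applies PostgreSQL's first-matching-record rule to the two quoted pg_hba.conf defaults and reports whether a passwordless Unix-socket login as a given database user would be accepted. The OS user name `msf` and all helper names are assumptions made for the illustration.

```ruby
require 'ipaddr'

# The two pg_hba.conf defaults quoted in the message above.
SOURCE_DEFAULT = <<~HBA
  # "local" is for Unix domain socket connections only
  local   all   all                 trust
  host    all   all   127.0.0.1/32  trust
  host    all   all   ::1/128       trust
HBA
DEBIAN_DEFAULT = <<~HBA
  local   all   all                 ident sameuser
  host    all   all   127.0.0.1/32  md5
  host    all   all   ::1/128       md5
HBA

# Parse the 8.3-era layout: TYPE DATABASE USER [CIDR-ADDRESS] METHOD [OPTION].
# Assumption: host records use CIDR notation, not a separate netmask column.
def parse_hba(text)
  text.each_line.map { |l| l.sub(/#.*/, '').split }.reject(&:empty?).map do |f|
    local = f[0] == 'local'
    { type: f[0], db: f[1], user: f[2],
      cidr: local ? nil : IPAddr.new(f[3]),
      method: f[(local ? 3 : 4)..-1].join(' ') }
  end
end

# Only "all" and literal names are handled (no +role, @file or sameuser).
def field_match?(pattern, value)
  pattern.split(',').any? { |p| p == 'all' || p == value }
end

# The first record matching type, address, database and user decides.
def hba_method(records, type:, db:, user:, addr: nil)
  rec = records.find do |r|
    r[:type] == type && field_match?(r[:db], db) && field_match?(r[:user], user) &&
      (type == 'local' || r[:cidr].include?(IPAddr.new(addr)))
  end
  rec && rec[:method]
end

# Would a Unix-socket login as db_user succeed with no password at all?
def passwordless_local?(records, os_user:, db_user:, db: 'postgres')
  case hba_method(records, type: 'local', db: db, user: db_user)
  when 'trust' then true                       # anyone may claim any DB user
  when 'ident sameuser' then os_user == db_user # OS name must equal DB name
  else false                                   # md5 etc. need a password
  end
end
```

With the source default, `passwordless_local?(parse_hba(SOURCE_DEFAULT), os_user: 'msf', db_user: 'postgres')` is true for any OS user; with the Debian default it is true only when the OS account is itself `postgres`.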