[EMAIL PROTECTED] writes: > I can connect to the database with a valid username and with a false > password. Why ? No doubt it's because you've got pg_hba.conf set to "trust" ... passwords aren't checked unless pg_hba.conf specifies a password- based authentication mechanism. See http://www.postgresql.org/users-lounge/docs/7.0/postgres/security.htm regards, tom lane
- [BUGS] Security problem in psql frontends pgsql-bugs
- Tom Lane
