Steve Atkins <[EMAIL PROTECTED]> writes:
> On Apr 14, 2006, at 6:47 PM, Peter van der Maas wrote:
>> Is it correct to assume that if a user has write permission to
>> \data\global\pg_auth on a Win32 machine, the superuser's MD5 hash
>> can be replaced with one of a known origin in order to own the DB?
> Probably. It'd be much easier to edit pg_hba.conf, though.
Actually, if you have write permission on the $PGDATA tree, you
*already* own the DB for every practical purpose. Focusing on passwords
is silly.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
