Oliver Elphick wrote:
While experimenting just now, I seem to have found a weird problem with
passwords, in that _anything_ I type in is accepted as a valid password.


Here are the relevant bits of pg_hba.conf

# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD

hostnossl    junk        olly        127.0.0.1/32               trust
host    all         all         127.0.0.1/32          md5

2.  TCP/IP access: this uses SSL so it skips the hostnossl line and hits
the next host line, which specifies an md5 password.  Whatever I type is
accepted.

In the log I have:
2007-05-30 17:54:59 BST LOG:  could not receive data from client: Connection reset by peer
2007-05-30 17:55:02 BST FATAL:  password authentication failed for user "olly"

but it has still let me in.

Is it not falling back to non-SSL access, and so letting you through with "trust"?

With a libpq call you could set "sslmode", but I'm not sure if you can do that from the command-line.

--
  Richard Huxton
  Archonet Ltd
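
The fallback suggested in the reply above, as an added example that is not part of either message and not PostgreSQL's or libpq's own code: a simplified Python model of first-match `pg_hba.conf` evaluation combined with a client that retries without SSL when `sslmode` is `prefer`. The function names and the `password_ok` flag are assumptions made for the illustration; the two rules are the ones quoted in the thread.

```python
import ipaddress

# The two pg_hba.conf lines quoted in the message above.
PG_HBA = """
hostnossl    junk        olly        127.0.0.1/32               trust
host    all         all         127.0.0.1/32          md5
"""

def parse_hba(text):
    """Parse 5-column records: TYPE DATABASE USER CIDR-ADDRESS METHOD."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) == 5:
            conn_type, db, user, cidr, method = fields
            rules.append((conn_type, db, user, ipaddress.ip_network(cidr), method))
    return rules

def match_method(rules, ssl, db, user, addr):
    """First matching record wins; later records are never consulted."""
    ip = ipaddress.ip_address(addr)
    for conn_type, r_db, r_user, net, method in rules:
        if conn_type == "hostnossl" and ssl:
            continue  # record applies to non-SSL connections only
        if conn_type == "hostssl" and not ssl:
            continue  # record applies to SSL connections only
        if r_db not in ("all", db) or r_user not in ("all", user):
            continue
        if ip in net:
            return method
    return "reject"  # no record matched

def connect(rules, sslmode, db, user, addr, password_ok):
    """Model of the client: 'prefer' retries without SSL after a failed SSL attempt."""
    attempts = {"require": [True], "prefer": [True, False], "disable": [False]}[sslmode]
    trace = []
    for ssl in attempts:
        method = match_method(rules, ssl, db, user, addr)
        ok = method == "trust" or (method == "md5" and password_ok)
        trace.append(("ssl" if ssl else "nossl", method, "ok" if ok else "failed"))
        if ok:
            return True, trace
    return False, trace

if __name__ == "__main__":
    rules = parse_hba(PG_HBA)
    for mode in ("prefer", "require"):  # wrong password in both runs
        print(mode, connect(rules, mode, "junk", "olly", "127.0.0.1", password_ok=False))
```

With `prefer`, the trace shows one failed md5 attempt over SSL (matching the FATAL line in the log) followed by a successful non-SSL attempt under `trust`; with `require` the connection is refused. libpq also reads the `PGSSLMODE` environment variable, so the mode can be pinned for command-line clients.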
