On Mon, Apr 11, 2011 at 9:35 AM, john.cheng <neoart.hi...@msa.hinet.net> wrote: > I found that,if user modified the pg_hba.conf, modified the "METHOD"field > from md5 to "password"
if it's a client/server app the user shouldn't have access to the server, so how could him to make the change? Also the directory in which the pg_hba.conf is is only visible/writable for the database cluster owner and the system administrator, so that means you're allowing your user to connect to the server as one of those users? or is windows uncapable of enforce those restrictions? -- Jaime Casanova www.2ndQuadrant.com Professional PostgreSQL: Soporte y capacitación de PostgreSQL -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers