On Sat, 10 Mar 2012 21:50:32 +0530
c k wrote:
> I understand that the users who have the access to the system can also
> change binaries. We are also thinking about the same. Using a virtual
> server for the database with almost 80% of the system resource where
> even persons from the IT departme
c k wrote:
> One of our customer found that few of it's employees are trying to
> change the data without having any proper rights. The simplest way
> is to get the control of the server and then change the mode of the
> authentication to trust and restart the server.
There's your problem righ
Thanks to all.
I understand that the users who have the access to the system can also
change binaries. We are also thinking about the same. Using a virtual
server for the database with almost 80% of the system resource where even
persons from the IT department does not have the root access and do n
Jan Lentfer writes:
> Am 10.03.2012 16:21, schrieb c k:
>> It we can disable the TRUST mode then every user have to login with
>> password and every fraud user have to know the password (at least) of
>> the user. It is not the case that users from other departments share
>> their passwords, but fr
Am 10.03.2012 16:21, schrieb c k:
It we can disable the TRUST mode then every user have to login with
password and every fraud user have to know the password (at least) of
the user. It is not the case that users from other departments share
their passwords, but fraud users just bypasses the need
On Sat, 10 Mar 2012 20:51:58 +0530
c k wrote:
> It we can disable the TRUST mode then every user have to login with
> password and every fraud user have to know the password (at least) of
> the user. It is not the case that users from other departments share
> their passwords, but fraud users jus
It we can disable the TRUST mode then every user have to login with
password and every fraud user have to know the password (at least) of the
user. It is not the case that users from other departments share their
passwords, but fraud users just bypasses the need to know the password.
C P Kulkarni
On Sat, 10 Mar 2012 20:45:38 +0530
c k wrote:
> I am not managing the customer database. The problem is related with
> the IT department of the customer who has the access to the database
> server and the fraud persons from this department can chnage the
> authentication to trust to get the acces
Am 10.03.2012 16:09, schrieb Jan Lentfer:
Sorry, maybe I do not entirely understand what you mean, but just >don't
use< trust in you pg_hba.conf?
Reading it again, I'd say this is your problem:
"The simplest way is >to get the control of the server< and then change
the mode of the authenticat
I am not managing the customer database. The problem is related with the IT
department of the customer who has the access to the database server and
the fraud persons from this department can chnage the authentication to
trust to get the access to database without knowing the passwords and even
to
Am 10.03.2012 16:00, schrieb c k:
Can we disable the trust authentication mode?
[...]
What steps we can take to prevent such access or to disable the TRUST
mode completely?
Sorry, maybe I do not entirely understand what you mean, but just >don't
use< trust in you pg_hba.conf?
Jan
--
Se
11 matches
Mail list logo
