Re: Authenticating user `postgres'

Arcady Genkin <a.genkin@utoronto.ca>

From: Arcady Genkin <a.genkin@utoronto.ca>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: pgsql-general@postgresql.org
Date: 2001-09-27T22:40:46Z
Lists: pgsql-general
Tom Lane <tgl@sss.pgh.pa.us> writes:

> Offhand I'd think it foolish to make it easier to get into the
> superuser account than regular accounts anyway.

Not so much if the database only listens on unix domain socket, which
has tight permissions, and a UNIX user has to identify himself with a
valid password anyways.

> One possibility is to run an IDENT daemon and allow ident-authenticated
> connections from 127.0.0.1.  Then "pg_dumpall -h localhost" would work
> without a password.  Trusting other people's IDENT daemons is widely
> considered a bad idea, but I see no reason not to trust your own.

I don't want to enable TCP connections at all.

Besides, I want other local clients to use passwords.

Thanks for your reply,
-- 
Arcady Genkin
i=1; while 1, hilb(i); i=i+1; end