Re: Best practice for allowing access to a postgres db
Uwe Steinmann dijo [Wed, Jun 15, 2005 at 03:31:49PM +0200]:
> Hi,
>
> I got another question concerning postgresql and best practice on
> how create a database user for a web applications.
> What I got is a php+postgresql web application. What I like
> to do is creating a database and a database user with exclusive
> rights for the database.
> The default authentication method for users accessing postgresql
> is 'ident, sameuser'. If I understand that propperly, then I need
> a unix user named like the database.
> Actually, I don't want to create a system user. What is the best
> way to go? Modify pg_ident.conf or pg_hba.conf? Something else?
IMHO it'd be more in place to search for a change in how pg_hba.conf
is handled. Most databases will not be accessed via the matching Unix
user. I think the 'ident,sameuser' is not very realistic, and probably
a 'md5' would be more in place - And, yes, by default only for local
and 127.0.0.1 connections.
Greetings,
--
Gunnar Wolf - gwolf@gwolf.org - (+52-55)1451-2244 / 5623-0154
PGP key 1024D/8BB527AF 2001-10-23
Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF
Reply to: