Creating DB with pass, but pass not required to connect
Hi folks. I'm creating a database using the following command:
createdb -U pablo -W pablotest1
I'm prompted to enter the password to create the DB, and after doing so
the db is created successfully.
However, when I connect to this database via a php script, I can enter
any valid database user, and I can enter anything for the password (or
leave it blank), and I'm still able to connect.
So, each of these connection calls works:
$conn->Connect('localhost','pablo','realpass','pablotest1');
$conn->Connect('localhost','pablo','','pablotest1');
$conn->Connect('localhost','pablo','abc123','pablotest1');
$conn->Connect('localhost','bsc','notapass','pablotest1');
$conn->Connect('localhost','bsc','','pablotest1');
Obviously I'm doing something wrong here, since I don't want scripts to
be able to connect without the proper credentials.
Can anyone give me an idea if I'm executing the createdb command
incorrectly, or if something on the server level might be causing this?
Cheers and TIA,
Pablo
"Pablo Gosse" <gossep@unbc.ca> writes:
However, when I connect to this database via a php script, I can enter
any valid database user, and I can enter anything for the password (or
leave it blank), and I'm still able to connect.
Sounds like you don't have pg_hba.conf configured to demand password
authentication. See
http://www.postgresql.org/docs/7.4/static/client-authentication.html
regards, tom lane