|
Hi everyone.
There is a big security hole in
postgres...
To discover the problem follow these
steps
1. Be sure to have two pc connected by network
card
2. One is windows the other is Linux
3. PostgreSQL is installed on Linux (I use version
6.4.2)
4. Create a pwdfile using pg_passwd
5. Modify pg_access file setting that host (windows) must
be autenticated
by pwd in file pdwfile
6. Create a db on postgres
7. Create a new MS DataLink on Windows
8. Set all options to reference db previously
created
9. Set correct username and password then click
Test...
You may read Connection OK
10. Now change password (a different one that doesn't
exist)
You read (Error)
11. And now... delete password leave the field blank...
And... surprise,,,
Succesfully Accesss......
I hope someone tries and confirms me the
problem...
Please do not tell me (again) be sure to set pg_access
file...
without testing all steps...
Bye
|
