On 8/18/2014 6:45 PM, Ken Tanzer wrote:
Thanks. I'm not really worried about this particular vulnerability, just wondering about the more general idea that having db user name = os user could reduce your security, even if only slightly. Is it just as conceivable that a vulnerability could come along that was more exploitable only if the two names were _different_?
what I read on that vunerability, it was talking about dbuser == dbname, not os user. and frankly, I didn't get their rationale for that.
-- john r pierce 37N 122W somewhere on the middle of the left coast -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
