Do I need to know the password from the postgres user?

M

Mimuss2017-08-12 02:32:58

PostgreSQL

Mimuss, 2017-08-12 02:32:58

I heard that you don't need to know the password from the postgres user at all, as it breaks some security. Then how do they act in this situation? Create a role using postgres with the same privileges? And what to do with the cluster, because postgres owns it?
PS I downloaded from a ready-made package on Ubuntu, so the postgres user is installed by default and I don’t know the password for it

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexander Kuznetsov, 2017-08-12
@Mimuss

postgres is the superuser, which has access to everything by default.
Working from under it is about the same as working from under root on linux, or from under root in MySQL, etc.
Most often, you need one base. So make an administrator user in the context of this database and connect through it. This is both better and safer.
The reason is simple, you can accidentally change / delete something, which can lead to sad consequences. Information security also cannot be thrown away, not all databases are intended for you and not all of you have the right to use.
Fortunately, you can only connect from the postgres genus either locally or from a limited number of hosts.

K

ky0, 2017-08-12
@ky0

There is nothing wrong with DBA knowing the password from the postgres user, it is much more important to limit the possibility of password guessing from outside, for example, using pg_hba, allowing only a local connection.