Andrew Sullivan <ajs(at)crankycanuck(dot)ca> writes:
> To achieve the "secure by default" feature that you want (and I like
> the scare-quotes -- I agree with those that think this adds no real
> security, but I think you're right to worry about the perception
> angle in this case), why not have a ./configure option that sets the
> default trust level for the build?
Why is that better than the initdb-time option we already have?
Locking down options earlier rather than later is usually not a win.
regards, tom lane