On Tue, Jun 26, 2007 at 03:08:59PM -0400, Tom Lane wrote:
> It still wouldn't make us "secure by default". Not unless you propose
> to actually change the default.
Perhaps I wasn't clear enough, but the suggestion I made (for
something I actually don't care about, I hasten to add again) was
that the configure switch _would_ be set to something different by
default. So it would require that those who need trust to work would
have to enable it on purpose; but (I suggested) at a not-too-invasive
point. It'd just be another configure option, and you usually have
to reconsider those at major version upgrade anyway. Nevertheless,
> In any case, what is "secure by default"?
. . .I agree that the checkbox is a dumb one. I think the entire
topic isn't worth the amount of electrons already spilled over it. I
don't see anyone clamouring for this and I see at least one person
strongly opposed. I think it should be regarded as Dead, Jim.
Andrew Sullivan | ajs(at)crankycanuck(dot)ca
I remember when computers were frustrating because they *did* exactly what
you told them to. That actually seems sort of quaint now.
In response to
pgsql-hackers by date
|Next:||From: Gregory Stark||Date: 2007-06-26 19:47:09|
|Subject: Re: Bugtraq: Having Fun With PostgreSQL|
|Previous:||From: Tom Lane||Date: 2007-06-26 19:08:59|
|Subject: Re: Bugtraq: Having Fun With PostgreSQL |