Skip site navigation (1) Skip section navigation (2)

Re: Bugtraq: Having Fun With PostgreSQL

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: jd(at)commandprompt(dot)com, cbbrowne(at)acm(dot)org, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Bugtraq: Having Fun With PostgreSQL
Date: 2007-06-23 16:14:23
Message-ID: 467D46DF.5020406@hagander.net (view raw or flat)
Thread:
Lists: pgsql-hackers
Tom Lane wrote:
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
>>> One thing I've thought about doing is to remove the default in initdb
>>> completely and *force* the user to choose auth type. Packagers can
>>> then just use that to set ident or whatever. and interactive users
>>> can pick trust if they really need it, but it will be a known choice.
> 
>> Since nobody comemnted on this, let me turn it around and ask: Does
>> anybody have any reason *not* to do this?
> 
> I'll object if no one else does: this will break existing installation
> habits and processes to no real benefit.

The benefit would be that PostgreSQL would be "secure by default". Which
we are *not* today.

As a comparison, that's been one of the most common complaints against
Windows earlier - stuff is installed and enabled by default, and only if
you already know the system do you know that you should disable it. The
same thing applies here - if you don't already know how PostgreSQL
works, you will by default install a database that's completely without
authentication.

//Magnus

In response to

Responses

pgsql-hackers by date

Next:From: Tom LaneDate: 2007-06-23 16:41:42
Subject: Re: Bugtraq: Having Fun With PostgreSQL
Previous:From: Euler Taveira de OliveiraDate: 2007-06-23 16:04:38
Subject: Re: tsearch in core patch

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group