| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | "Magnus Hagander" <mha(at)sollentuna(dot)net>, <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: initdb authentication |
| Date: | 2004-07-15 21:20:46 |
| Message-ID: | 200407152320.46581.peter_e@gmx.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Magnus Hagander wrote:
> This one makes it mandatory to pick some kind of authentication. If
> that's not wanted, it's easy to change it to default to trust (which
> I think is wrong, but we've been through that already..)
I don't think I like any of this. Sooner rather than later, people need
to look at pg_hba.conf and think about it. I don't like switches that
induce them to skip that step. And I certainly don't like forcing
extra switches on users that just try out an installation locally.
I would be in favor of making everything supertight and secure by
default, no questions asked. The is a definable goal. But as long as
there is no agreement on that, let's not create illusions in that
direction while inconveniencing a bunch of people for little gain.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2004-07-15 22:39:53 | Re: [PATCHES] serverlog rotation/functions |
| Previous Message | Magnus Hagander | 2004-07-15 21:01:51 | initdb authentication |