From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "Magnus Hagander" <mha(at)sollentuna(dot)net>, "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Is "trust" really a good default? |
Date: | 2004-07-15 21:48:34 |
Message-ID: | 200407152348.34057.peter_e@gmx.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Tom Lane wrote:
> I don't really see a problem with doing it that way. People who want
> to use -W are presumably worried about the security of their local
> system, otherwise they would just fire up the postmaster and set a
> password later.
No, that is exactly what I don't agree with. People might want to
assign a password just so that the user has one, with the intention of
configuring non-local password-protected access right after initdb
finishes. It's a convenience that you set the password when the user
is logically created.
> There are of course some questions about how to document this
> effectively, so that it doesn't create more confusion than it avoids.
Yes, that is another thing I'm afraid of.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
From | Date | Subject | |
---|---|---|---|
Next Message | DarkSamurai | 2004-07-15 22:02:32 | Escaping metacharacters |
Previous Message | Simon Riggs | 2004-07-15 21:47:22 | Re: Point in Time Recovery |