From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | tgl(at)sss(dot)pgh(dot)pa(dot)us |
Cc: | jd(at)commandprompt(dot)com, cbbrowne(at)acm(dot)org, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Bugtraq: Having Fun With PostgreSQL |
Date: | 2007-06-23 10:00:37 |
Message-ID: | 467CEF45.6090600@hagander.net |
Lists: | pgsql-hackers |
Magnus Hagander wrote:
>>>> That won't help; that would introduce the "embarrassment" of
>>>> having a known default password.
>>> No it wouldn't unless the packagers set it up to do that. My
>>> point is that when a packager (or source) runs initdb, it would
>>> prompt for the postgres user password.
>> Practically every existing packaging of PG tries to run initdb as a
>> hidden, behind-the-scenes, definitely not-interactive procedure.
>>
>
> afaik, practically every existing packaging of pg has *already*
> solved the problem and does not set trust as default anyway. ident
> sameuser I think is the most common.
>
> One thing I've thought about doing is to remove the default in initdb
> completely and *force* the user to choose auth type. Packagers can
> then just use that to set ident or whatever, and interactive users
> can pick trust if they really need it, but it will be a known choice.
>
>
Since nobody commented on this, let me turn it around and ask: Does
anybody have any reason *not* to do this?
If not, I'll just make it happen... (that should at least make people
speak up :P)
//Magnus