From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
---|---|
To: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Merlin Moncure" <merlin(dot)moncure(at)rcsonline(dot)com> |
Cc: | <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Is "trust" really a good default? |
Date: | 2004-07-13 07:47:20 |
Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCE34BE40@algol.sollentuna.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> > IMO, forcing su password at initdb time (allowing blank
> password with
> > a very stern warning) and bumping localhost to auth is the
> right way
> > to go.
>
> This isn't happening for a number of reasons, the most
> obvious being that we cannot require initdb to be run
> interactively. (That stern warning will not impress /dev/null.)
This is the very reason --pwfile was added. It's not just a win32 fix,
it's a "any packager that needs to run without interactivity" fix. Yes,
you can stick a blank password in there, but again, this is a choice and
not a default in that case.
//Magnus
From | Date | Subject | |
---|---|---|---|
Next Message | Magnus Hagander | 2004-07-13 07:51:04 | Re: Is "trust" really a good default? |
Previous Message | Magnus Hagander | 2004-07-13 07:43:18 | Re: Is "trust" really a good default? |