| From: | Curt Sampson <cjs(at)cynic(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Joel Burton <joel(at)joelburton(dot)com>, Uros Gruber <uros(at)sir-mag(dot)com>, <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: How to start without password |
| Date: | 2002-06-10 08:32:47 |
| Message-ID: | Pine.NEB.4.43.0206101731080.426-100000@angelic.cynic.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Sat, 8 Jun 2002, Tom Lane wrote:
> But my opinion is that password auth is a serious PITA; you are going to
> have lots of trouble with backup scripts, not only startup, if you try
> to run your installation like that. For local connections you should
> consider whether you can't use ident authentication instead (assuming
> you have a platform on which we support ident for Unix-socket
> connections).
If you're serious about security, allowing passwordless local
connections is not a problem, because you don't allow anybody but
admins to log into the Unix system, anyway. There are far, far more
local root exploits than remote, and they appear at a faster rate,
so it's rather risky to have local users on your system anyway.
cjs
--
Curt Sampson <cjs(at)cynic(dot)net> +81 90 7737 2974 http://www.netbsd.org
Don't you know, in this new Dark Age, we're all light. --XTC
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Curt Sampson | 2002-06-10 08:51:33 | Re: Non-linear Performance |
| Previous Message | Adrian 'Dagurashibanipal' von Bidder | 2002-06-10 07:53:17 | Problem (bug?) with deferred foreign key checks? |