| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Magnus Hagander <mha(at)sollentuna(dot)net>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Is "trust" really a good default? |
| Date: | 2004-07-12 20:11:42 |
| Message-ID: | 200407122011.i6CKBg018849@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> "Magnus Hagander" <mha(at)sollentuna(dot)net> writes:
> > Is it really such a good idea to have "trust" authentication enabled for
> > localhost (TCP/IP and Unix sockets) by default?
>
> No, but none of the others are better. See previous discussions in the
> archives. I don't think the situation has changed any since the last
> time we hashed this out.
If they supply a password to initdb, shouldn't we then require a
password in pg_hba.conf.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2004-07-12 20:11:53 | Re: patch for different join result order on regression test |
| Previous Message | Tom Lane | 2004-07-12 20:07:04 | Re: Is "trust" really a good default? |