Re: [HACKERS] Is "trust" really a good default?

Magnus Hagander wrote:
> > not to mention the
> >more basic problem that the comments will now be wrong.
>
> That, however, it is correct :-( Sloppy.
>
> How about a text along the line of:
> CAUTION: Configuring the system for "trust" authentication allows any
> local user to connect using any PostgreSQL user name, including the
> superuser, over either Unix domain sockets or TCP/IP. If you are on
> a multiple-user machine, this is probably not good. Change it to use
> something other than "trust" authentication.
>
>
>
> Or something along that line? Since it would no longer actually be
> default. Or do we want something like "On some installations, the
> default is..."?

Woh, I didn't think we agreed that the default would change from
'trust', only that we would now emit a warning and allow other
authentication methods to be specified at initdb time.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073