Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec> wrote:
> Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>
>> Although come to think of it ... is there any reason besides sheer
>> conservatism to not make the default listen_addresses value '*'?
>
> just my 2 cents. but i always wondered about the existence of
> listen_addresses at all... to me the only reason it exists is to
> force me to change 'localhost' to '*' after installing, something i
> always do almost automaticaly =)
For all the reasons already given, -1 from me for changing the default
of listen_addresses or eliminating it.
Trust authentication has a few valid use cases, but it does tend to
worry me that people may leave it enabled in inappropriate situations
on production clusters. I don't see how we could get rid of it, but
I'd be OK with a warning in the log when a pg_hba.conf file is
processed which contains any trust entries.
-Kevin