From: | Mark Mielke <mark(at)mark(dot)mielke(dot)cc> |
---|---|
To: | Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Use "samehost" by default in pg_hba.conf? |
Date: | 2009-10-01 14:35:07 |
Message-ID: | 4AC4BE1B.1090306@mark.mielke.cc |
Lists: | pgsql-hackers |

On 10/01/2009 10:24 AM, Kevin Grittner wrote:
> Trust authentication has a few valid use cases, but it does tend to
> worry me that people may leave it enabled in inappropriate situations
> on production clusters. I don't see how we could get rid of it, but
> I'd be OK with a warning in the log when a pg_hba.conf file is
> processed which contains any trust entries.

I don't think "trust" needs to be removed entirely - it is a valid
option for demos or training sessions perhaps.

By using the word "abolishing", I might have created the wrong
impression. I just meant the default pg_hba.conf having "trust" has
always seemed to be a really bad thing to me.

If people already have pg_hba.conf with "trust", I see no reason to stop
them.

If a new user tries using PostgreSQL for the first time - I think the
default configuration they encounter should be conservative and usable
out of the box. I can see how "samehost" fits into this picture. I don't
see how "trust" fits into this picture. Does anybody seriously recommend
"trust" to newbies for production use? Shouldn't the default pg_hba.conf
represent a conservative recommendation from the pgsql developers?

Cheers,
mark

--
Mark Mielke <mark(at)mielke(dot)cc>
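
The check proposed in the quoted text (flag any "trust" entries when pg_hba.conf is processed), sketched as a stand-alone audit script that also reports how far each such entry reaches. This is an added example, not part of the original message and not PostgreSQL code; the sample file is constructed, and the parser assumes no quoted fields, include directives or line continuations.

```python
import ipaddress

# Constructed sample pg_hba.conf; not taken from any real installation.
SAMPLE = """\
# TYPE  DATABASE  USER  ADDRESS             METHOD
local   all       all                       trust
host    all       all   127.0.0.1/32        trust
host    all       all   samehost            md5
host    all       all   10.0.0.0 255.0.0.0  trust
"""

def _is_ip(s):
    try:
        ipaddress.ip_address(s)
        return True
    except ValueError:
        return False

def parse_hba(text):
    """Yield (lineno, address, method); address is None for 'local' records."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        f = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(f) >= 4 and f[0] == "local":
            yield lineno, None, f[3]
        elif len(f) >= 5 and f[0] in ("host", "hostssl", "hostnossl"):
            addr, rest = f[3], f[4:]
            # Separate "IP-address IP-mask" columns: fold the mask into addr.
            if len(rest) >= 2 and _is_ip(rest[0]):
                addr, rest = addr + "/" + rest[0], rest[1:]
            yield lineno, addr, rest[0]

def scope(addr):
    if addr is None:
        return "unix-socket"
    if addr in ("samehost", "samenet", "all"):
        return addr
    try:
        net = ipaddress.ip_network(addr, strict=False)
    except ValueError:
        return "hostname-or-unparsed"
    return "loopback" if net.is_loopback else "network"

def trust_warnings(text):
    """Return (lineno, scope) for every record whose method is 'trust'."""
    return [(n, scope(a)) for n, a, m in parse_hba(text) if m == "trust"]

if __name__ == "__main__":
    for n, s in trust_warnings(SAMPLE):
        print(f"WARNING: pg_hba.conf line {n}: trust authentication ({s})")
```
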