From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Volker Aßmann <volker(dot)assmann(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Disabling trust/ident authentication configure option |
Date: | 2015-05-06 19:57:03 |
Message-ID: | 554A720F.1030706@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 05/06/2015 10:47 AM, Alvaro Herrera wrote:
>
> I don't necessarily agree with the patch as proposed. I would rather
> have a comma-separated list of methods, as in:
>
> --disable-auth=ident,peer
>
> which lets you choose what to disable without hardcoded choices. Due to
> the nature of autoconf, this might be too fiddly to implement, though,
> and if so I think the method proposed by this patch seems a reasonable
> compromise. I've seen configure in other programs offer options such as
> --disable-foo=list that lists acceptable values (or --disable-foo=help)
>
I don't necessarily object to this idea, but I do think we need to
ensure that we don't allow both trust and peer to be disabled (which
means on Windows you would not be able to disable trust). Otherwise this
becomes a footgun which would require the whole server to be stopped so
you could connect in single user mode to correct certain mistakes, which
are unfortunately all too common.
cheers
andrew
From | Date | Subject | |
---|---|---|---|
Next Message | Tomas Vondra | 2015-05-06 20:03:50 | Re: multivariate statistics / patch v6 |
Previous Message | Heikki Linnakangas | 2015-05-06 19:51:43 | Re: INSERT ... ON CONFLICT UPDATE/IGNORE 4.0 |