| From: | "Andrew Hammond" <andrew(dot)george(dot)hammond(at)gmail(dot)com> |
|---|---|
| To: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Andrew Sullivan" <ajs(at)crankycanuck(dot)ca>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Bugtraq: Having Fun With PostgreSQL |
| Date: | 2007-06-26 18:10:56 |
| Message-ID: | 5a0a9d6f0706261110l7e365cd0o787db86b51ae8dde@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 6/25/07, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "Andrew Hammond" <andrew(dot)george(dot)hammond(at)gmail(dot)com> writes:
> > On 6/25/07, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> >> The normal build process for any open-source package is
> >>
> >> ./configure
> >> make
> >> sudo make install
> >> ... now what? OK, time to read the manual ...
>
> > Since they presumably don't know about initdb yet, yeah, I figure
> > they'll be reading the manual. We already talk about how to initdb.
> > It seems reasonable to have the manual talk about how to initially
> > connect to your "secure by default" database and create a
> > non-superuser working user.
>
> +1 on having such a discussion in the manual (someone else suggested
> that already IIRC). But I'm not seeing what a configure flag brings
> to the party.
Like Andrew Sullivan said above, if we want to achieve the dubious
goal of being "secure by default" this seems like the least invasive
way to change the process so that we can be buzzword compliant.
Andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2007-06-26 19:08:59 | Re: Bugtraq: Having Fun With PostgreSQL |
| Previous Message | Tom Lane | 2007-06-26 16:11:28 | Re: [COMMITTERS] pgsql: Arrange for quote_identifier() and pg_dump to not quote keywords |