Josh Berkus wrote: > Andrew, Tom: > > This will be a really nice feature for those of us with PG servers that > participate in VPNs. Currently I'm blocking certain interfaces using > pg_hba.conf but would prefer a "listen" address instead. > > Of course, the drawback to this is that confused DBAs will have their > pg_hba.conf conflict with their postgresql.conf, and cut off all access to > the DB. But I don't know how we can protect against that. > > Might I suggest that this default to "127.0.0.1" in postgresql.conf.sample? > This is a reasonably safe default, and would allow us to use the same default > for Windows as for other OSes. It would also eliminate about 15% of the > questions I get on a weekly basis from PHP users. ("uncomment the line > tcpip_sockets ..."). > > If I had time, I would also love to see setting the password for the postgres > user become part of the initdb script. However, I can see that this wouldn't > work with packages.
Why couldn't we do something where we ask for a password only if stdin is from a terminal? -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])