On 4/5/19 4:58 PM, Peter Eisentraut wrote: > On 2019-04-05 18:11, Jonathan S. Katz wrote: >> (There could be an additional discussion about whether or not we want to >> change the default behavior for initdb, but I would suggest that a safe >> starting point would be to ensure we call this out) > > I think we should just change the defaults. There is a risk of warning > fatigue. initdb does warn about this, so anyone who cared could have > gotten the information.
It might actually be a combination of both updating the defaults and modifying the documentation. If we introduce better defaults, we'll need an explanation of what the defaults are and why they are as such. If we don't, we certainly need to warn the user what's happening. The way it's currently written, it's very easy to miss. I also don't see how it's warning fatigue when it's both a) a feature that could put your system into a vulnerable state if you're not careful and b) the only warning on that page. Jonathan
signature.asc
Description: OpenPGP digital signature
