Tom Lane wrote: > > Socket permissions - only install user can access db by default > > I do not agree with this goal.
OK, this is TODO item: * Make single-user local access permissions the default by limiting permissions on the socket file (Peter E) Right now, we effectively install initdb as though we are creating a world-writeable directory on the machine. (Sure, the directory is locked down, but by setting PGUSER you can connect to the database as anyone.) I don't know any other software that does this, and I can't see how we can justify the current behavior. Another idea is to change pg_hba.conf to not default to 'trust' but then the installing user is going to have to choose a password. -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026 ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
