On 5/17/15 10:58 PM, Josh Berkus wrote:
The goal here was stated to be preventing authentication misconfiguration
by shortsighted admins who have superuser access and the ability to
change pg_hba.conf.  This is tantamount to giving someone a gun and
bullets, but expecting duct tape across the cartridge slot to prevent
them from loading or using the gun.

The idea is to prevent *accidental* misconfiguration, not to try and permanently lock them out. I.e., make them think before allowing them to just do something silly. Disabling auth methods at compile time seems a very reasonable way to accomplish that.
--
Jim Nasby, Data Architect, Blue Treble Consulting
Data in Trouble? Get it in Treble! http://BlueTreble.com

