* Alvaro Herrera (alvhe...@2ndquadrant.com) wrote: > Josh Berkus wrote: > > > As such, proposals are more likely to be successful if the proposer can > > show how they apply to a general use case, or adapt them so that they > > are useful to a large number of our users. This means that "this works > > in our environment which has conditions X, Y, and Z" is not an effective > > argument, unless you can follow it up with "... and here's the reason > > why [large class of users] also has conditions X, Y and Z." > > The proposal here is to have a configure argument that disables > arbitrary auth mechanisms. How is that specific to a particular > environment?
For my 2c, I'm still a fan of the general idea.. I still view 'trust'
as appropriate only for development environments and I don't believe it
really solves any use-cases that having password-less accounts doesn't.
Removing it as an option simply removes a potential configuration
mistake. It's not going to protect you from a malicious administrator
who has root-level access any more than a CHECK constraint would stop a
malicious DBA.
Thanks!
Stephen
signature.asc
Description: Digital signature
