On Sat, Jun 23, 2007 at 12:02:43PM -0400, Tom Lane wrote:
> Magnus Hagander <[EMAIL PROTECTED]> writes:
> >> One thing I've thought about doing is to remove the default in initdb
> >> completely and *force* the user to choose auth type. Packagers can
> >> then just use that to set ident or whatever. and interactive users
> >> can pick trust if they really need it, but it will be a known choice.
> > Since nobody comemnted on this, let me turn it around and ask: Does
> > anybody have any reason *not* to do this?
> I'll object if no one else does: this will break existing installation
> habits and processes to no real benefit.
>                       regards, tom lane
I agree with Tom on this. We have a number of install and provisioning
scripts that would become ridiculously convoluted and problematic if the
default is changed from trust. It is not unreasonable to expect a certain
degree of competence from anyone running a database server. Our default
postgresql install script asks for a system password and sets everything
to md5. If the user knows enough to stray from the default install, they
are assumed to know enough to keep out of trouble.


---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Reply via email to