Robert Treat wrote:
> > Woh, I didn't think we agreed that the default would change from
> > 'trust', only that we would now emit a warning and allow other
> > authentication methods to be specified at initdb time.
> > 
> I sure hope not (and that was my understanding as well) 
> Incidentally that warning is a little misleading since it isn't just
> trust authentication that allows the wide open connections, but the
> combo of all users / all dbs / trust that does it.  For example on one
> of my development machine I have a guest user who only has read access
> to a specific database from a limited subnet, but with trust
> authentication since random people inside the company will sometimes
> want to take a look at what I am cooking up. For my needs I use the
> superuser account who can access all databases but must come through
> ident on a unix socket.  Different strokes for different folks eh?

Sure, but the point is that the 'trust' line added by initdb is
wide-open.  Folks who do that fine-grained control will not get confused
by the warning, hopefully.

  Bruce Momjian                        |
  [EMAIL PROTECTED]               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
    (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])

Reply via email to