Magnus Hagander wrote: > This one makes it mandatory to pick some kind of authentication. If > that's not wanted, it's easy to change it to default to trust (which > I think is wrong, but we've been through that already..)
I don't think I like any of this. Sooner rather than later, people need to look at pg_hba.conf and think about it. I don't like switches that induce them to skip that step. And I certainly don't like forcing extra switches on users that just try out an installation locally. I would be in favor of making everything supertight and secure by default, no questions asked. The is a definable goal. But as long as there is no agreement on that, let's not create illusions in that direction while inconveniencing a bunch of people for little gain. -- Peter Eisentraut http://developer.postgresql.org/~petere/ ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster