Magnus Hagander wrote:
> This one makes it mandatory to pick some kind of authentication. If
> that's not wanted, it's easy to change it to default to trust (which
> I think is wrong, but we've been through that already..)

I don't think I like any of this.  Sooner rather than later, people need 
to look at pg_hba.conf and think about it.  I don't like switches that 
induce them to skip that step.  And I certainly don't like forcing 
extra switches on users that just try out an installation locally.

I would be in favor of making everything supertight and secure by 
default, no questions asked.  The is a definable goal.  But as long as 
there is no agreement on that, let's not create illusions in that 
direction while inconveniencing a bunch of people for little gain.

-- 
Peter Eisentraut
http://developer.postgresql.org/~petere/


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Reply via email to