gt;
> >-Original Message-
> >From: Bruce Momjian [mailto:[EMAIL PROTECTED]
> >Sent: den 17 juli 2004 03:11
> >To: Magnus Hagander
> >Cc: [EMAIL PROTECTED]
> >Subject: Re: [PATCHES] initdb authentication
> >
> >
> >
> >I got a ne
> > > Ok, here is another one.
> > >
> > > Doc patches coming up if/when this one is approved.
> >
> > I think this warning is seriously going to annoy me. Can we do
> > without it?
>
> What if we skip the warning if the user specifically asks for
> 'trust'?
> Would that help?
Uh. That's how
Peter Eisentraut wrote:
> Magnus Hagander wrote:
> > Ok, here is another one.
> >
> > Doc patches coming up if/when this one is approved.
>
> I think this warning is seriously going to annoy me. Can we do without
> it?
What if we skip the warning if the user specifically asks for 'trust'?
Woul
Magnus Hagander wrote:
> Ok, here is another one.
>
> Doc patches coming up if/when this one is approved.
I think this warning is seriously going to annoy me. Can we do without
it?
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
---(end of broadcast)-
>>Ok, here is another one.
>>
>>Doc patches coming up if/when this one is approved.
>>
>>//Magnus
>>
>>
>>
>>
>>
>+ /* Kerberos methods not listed because they are not supported
>+* over local connections and are rejected in hba.c */
>
>Is this true of all local connections, or only
I assume he means 'local' lines in the config file, not local INET
connections. Maybe local needs quotes
---
Andrew Dunstan wrote:
>
>
> Magnus Hagander wrote:
>
> >Ok, here is another one.
> >
> >Doc patches coming up i
Magnus Hagander wrote:
Ok, here is another one.
Doc patches coming up if/when this one is approved.
//Magnus
+ /* Kerberos methods not listed because they are not supported
+* over local connections and are rejected in hba.c */
Is this true of all local connections, or only Unix
Ok, here is another one.
Doc patches coming up if/when this one is approved.
//Magnus
>-Original Message-
>From: Bruce Momjian [mailto:[EMAIL PROTECTED]
>Sent: den 17 juli 2004 03:11
>To: Magnus Hagander
>Cc: [EMAIL PROTECTED]
>Subject: Re: [PATCHES] initdb authentic
w multiple words in the string.
---
Magnus Hagander wrote:
> Here's a version of this patch that includes documentation updates.
>
> //Magnus
>
>
> >-Original Message-
> >From: Magnus Hagander
> >Sent: den 15 juli 2004 23:02
Here's a version of this patch that includes documentation updates.
//Magnus
>-Original Message-
>From: Magnus Hagander
>Sent: den 15 juli 2004 23:02
>To: [EMAIL PROTECTED]
>Subject: [PATCHES] initdb authentication
>
>
>Ok, here is one more try at the
> > > This one makes it mandatory to pick some kind of
> authentication. If
> > > that's not wanted, it's easy to change it to default to
> trust (which
> > > I think is wrong, but we've been through that already..)
> >
> > I don't think I like any of this. Sooner rather than later, people
>
Tom Lane wrote:
> Bruce Momjian <[EMAIL PROTECTED]> writes:
> > I think the basic problem is that right now there is no way to do an
> > initdb and have it be secure _before_ you edit pg_hba.conf. That isn't
> > acceptable. If I am on an insecure machine, the window if time between
> > initdb and
Bruce Momjian <[EMAIL PROTECTED]> writes:
> I think the basic problem is that right now there is no way to do an
> initdb and have it be secure _before_ you edit pg_hba.conf. That isn't
> acceptable. If I am on an insecure machine, the window if time between
> initdb and editing of pg_hba.conf is
On Thu, Jul 15, 2004 at 11:20:46PM +0200, Peter Eisentraut wrote:
> Magnus Hagander wrote:
> > This one makes it mandatory to pick some kind of authentication. If
> > that's not wanted, it's easy to change it to default to trust (which
> > I think is wrong, but we've been through that already..)
>
Peter Eisentraut wrote:
> Magnus Hagander wrote:
> > This one makes it mandatory to pick some kind of authentication. If
> > that's not wanted, it's easy to change it to default to trust (which
> > I think is wrong, but we've been through that already..)
>
> I don't think I like any of this. Soon
Magnus Hagander wrote:
> This one makes it mandatory to pick some kind of authentication. If
> that's not wanted, it's easy to change it to default to trust (which
> I think is wrong, but we've been through that already..)
I don't think I like any of this. Sooner rather than later, people need
t
Ok, here is one more try at the initdb default authentication stuff.
This one adds the switches "--ident" and "--trust", which will configure
pg_hba.conf with ident and trust authentication respectively. If trust
authentication is selected, a warning is written to pg_hba.conf. The old
switches for
17 matches
Mail list logo