The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/8.3/static/auth-pg-hba-conf.html
Description:
My pg_hba.conf file gives 'cert' as an authentication method. this is not
mentioned on this page.
I think a basic pg_hba.conf to allow remote access require ssl, and to
prevent access to the postgres table would be a useful addition.
The more I see about this powerful environment the more nervous I get about
exploits based on aspects of it's multitude of features of which I am
completely unaware - what about PUBLIC for example ? ?
A basic security guide to disable dangerous defaults would be very welcome