Tom Lane wrote:
> >> Another idea is to change pg_hba.conf to not default to 'trust' but then
> >> the installing user is going to have to choose a password.
>
> Well, initdb already has an option to request a password. It would
> perhaps make sense for initdb to alter the installed pg_hba.conf file
> to select local md5 mode instead of local trust mode when this option is
> specified.
>
> > I like this approach. Set it to password (or md5) on local, and force
> > the request of a password during initdb.
>
> I don't like "forcing" people to do anything, especially not things that
> aren't necessarily useful to them. On a single-user machine there is
> no advantage to using database passwords.
Yes, on a single-user machine, socket permissions are a better approach.
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026
