Re: Is "trust" really a good default? - Mailing list pgsql-hackers

From Lamar Owen
Subject Re: Is "trust" really a good default?
Date
Msg-id 200407131748.00592.lowen@pari.edu
Whole thread Raw
In response to Re: Is "trust" really a good default?  ("Merlin Moncure" <merlin.moncure@rcsonline.com>)
List pgsql-hackers
On Monday 12 July 2004 17:10, Merlin Moncure wrote:
> IMO, forcing su password at initdb time (allowing blank password with a
> very stern warning) and bumping localhost to auth is the right way to
> go.  As far as RPM's, etc. I don't think RPM considerations should be
> driving security concerns.

FWIW, the RPMs default to ident authentication, and trust is off.  This is 
however done as a patch to the sample pg_hba.conf.  A command line switch to 
initdb to mung up an ident default would be fine with me, though.
-- 
Lamar Owen
Director of Information Technology
Pisgah Astronomical Research Institute
1 PARI Drive
Rosman, NC  28772
(828)862-5554
www.pari.edu


pgsql-hackers by date:

Previous
From: "Marc G. Fournier"
Date:
Subject: Re: Release planning (was: Re: Status report)
Next
From: Bruce Momjian
Date:
Subject: Re: Release planning (was: Re: Status report)