Re: Is "trust" really a good default? - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: Is "trust" really a good default?
Date
Msg-id 200407132142.i6DLgvp02805@candle.pha.pa.us
Whole thread Raw
In response to Re: Is "trust" really a good default?  ("Magnus Hagander" <mha@sollentuna.net>)
List pgsql-hackers
Magnus Hagander wrote:
> >>> The only part of this discussion that I'd really be prepared=20
> >>> to buy into
> >>> is the part about *if* you use -W or --pwfile, then set up
> >pg_hba.conf
> >>> with MD5 as the default auth (because that's probably what the user
> >>> wants anyway).
> >
> >> Ok. Here is a patch that does this.
> >
> >... and rather severely mangles the comments, too;
>
> Um, no, it doesn't. At least not on my installation.
>
>
> > not to mention the
> >more basic problem that the comments will now be wrong.
>
> That, however, it is correct :-( Sloppy.
>
> How about a text along the line of:
> CAUTION: Configuring the system for "trust" authentication allows any
> local user to connect using any PostgreSQL user name, including the
> superuser, over either Unix domain sockets or TCP/IP. If you are on
> a multiple-user machine, this is probably not good. Change it to use
> something other than "trust" authentication.

New wording:

CAUTION: Configuring the system for local "trust" authentication allows
any local user to connect as any PostgreSQL user, including the database
superuser. If you do not trust all your local users, use another
authenication method.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

pgsql-hackers by date:

Previous
From: Lamar Owen
Date:
Subject: Re: Release planning (was: Re: Status report)
Next
From: Bruce Momjian
Date:
Subject: Re: Is "trust" really a good default?