On 7/22/19 3:15 PM, Tom Lane wrote:
> I wrote:
>> BTW, it looks like the Windows buildfarm critters have a
>> separate problem: they're failing with
>> initdb: error: must specify a password for the superuser to enable md5 authentication
> I tried doing a run on gaur (old HPUX, so no "peer" auth) before the
> revert happened. It got as far as initdb-check [1], which failed quite
> thoroughly with lots of the same error as above. Depressingly, a lot of
> the test cases that expected some type of error "succeeded", indicating
> they're not actually checking to see which error they got. Boo hiss.
>
> Presumably Noah's AIX menagerie would have failed in about the
> same way if it had run.
>
> So we've got a *lot* of buildfarm work to do before we can think about
> changing this.
Ouch. I'll test more on Windows.
>
> Frankly, this episode makes me wonder whether changing the default is
> even a good idea at this point. People who care about security have
> already set up their processes to select a useful-to-them auth option,
> while people who do not care are unlikely to be happy about having
> security rammed down their throats, especially if it results in the
> sort of push-ups we're looking at having to do in the buildfarm.
> I think this has effectively destroyed the argument that only
> trivial adjustments will be required.
>
> regards, tom lane
>
> [1] https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=gaur&dt=2019-07-22%2017%3A08%3A27
>
There's a strong tendency these days to be secure by default, so I
understand the motivation.
cheers
andrew
--
Andrew Dunstan https://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
