Home > mailing lists

Re: Is "trust" really a good default? - Mailing list pgsql-hackers

From	Magnus Hagander
Subject	Re: Is "trust" really a good default?
Date	July 13, 2004 07:47:26
Msg-id	6BCB9D8A16AC4241919521715F4D8BCE34BE40@algol.sollentuna.se Whole thread Raw
In response to	Is "trust" really a good default? ("Magnus Hagander" <mha@sollentuna.net>)
Responses	Re: Is "trust" really a good default? Re: Is "trust" really a good default?
List	pgsql-hackers

Tree view

> > IMO, forcing su password at initdb time (allowing blank
> password with
> > a very stern warning) and bumping localhost to auth is the
> right way
> > to go.
>
> This isn't happening for a number of reasons, the most
> obvious being that we cannot require initdb to be run
> interactively.  (That stern warning will not impress /dev/null.)

This is the very reason --pwfile was added. It's not just a win32 fix,
it's a "any packager that needs to run without interactivity" fix. Yes,
you can stick a blank password in there, but again, this is a choice and
not a default in that case.

//Magnus

pgsql-hackers by date:

From: "Magnus Hagander"
Date: 13 July 2004, 07:43:25
Subject: Re: Is "trust" really a good default?

From: "Magnus Hagander"
Date: 13 July 2004, 07:51:15
Subject: Re: Is "trust" really a good default?

Re: Is "trust" really a good default? - Mailing list pgsql-hackers

Previous

Next