Don't have time to really answer your question, except to say that there's
nothing wrong with AUTH_TYPE of trust. If the machine is a trusted
machine, then anyone who breaks in will likely be able to read the
username/password from a config file anyway. I usually run Postgres on a
UNIX-domain socket only, with AUTH_TYPE being trust.
Jon