On Sat, 8 Jun 2002, Tom Lane wrote:
> But my opinion is that password auth is a serious PITA; you are going to
> have lots of trouble with backup scripts, not only startup, if you try
> to run your installation like that. For local connections you should
> consider whether you can't use ident authentication instead (assuming
> you have a platform on which we support ident for Unix-socket
> connections).
If you're serious about security, allowing passwordless local
connections is not a problem, because you don't allow anybody but
admins to log into the Unix system, anyway. There are far, far more
local root exploits than remote, and they appear at a faster rate,
so it's rather risky to have local users on your system anyway.
cjs
--
Curt Sampson <cjs@cynic.net> +81 90 7737 2974 http://www.netbsd.org
Don't you know, in this new Dark Age, we're all light. --XTC