> For simplicity in a single-system deployment I recommend running > postgres in "trust" mode and listen on a local unix socket rather than > exposing it to the network. This allows you to use the same access > control for Postgres that you'd use for an sqlite3 db file: file > permissions.
This is useful, thanks! I didn't know about this.