Magnus Hagander <mag...@hagander.net> writes:
> On Thu, Aug 19, 2010 at 23:11, Martin Pitt <mp...@debian.org> wrote:
>>> I received a request to support system-wide root certificates in
>>> libpq.
> I wonder if we want to have a default value for this rather than
> disabling it when it's not specified by configure. But is there any
> kind of reasonable default that's not going to be
> platform/distribution specific?
Given the potential security issues, I would argue very strenuously
that this should NOT be enabled by default. It should happen only
if the option is requested at configure time, and configure should
be told the exact path where to look for certs.
regards, tom lane
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
