On 05/06/2015 10:47 AM, Alvaro Herrera wrote:
I don't necessarily agree with the patch as proposed. I would rather
have a comma-separated list of methods, as in:
--disable-auth=ident,peer
which lets you choose what to disable without hardcoded choices. Due to
the nature of autoconf, this might be too fiddly to implement, though,
and if so I think the method proposed by this patch seems a reasonable
compromise. I've seen configure in other programs offer options such as
--disable-foo=list that lists acceptable values (or --disable-foo=help)
I don't necessarily object to this idea, but I do think we need to
ensure that we don't allow both trust and peer to be disabled (which
means on Windows you would not be able to disable trust). Otherwise this
becomes a footgun which would require the whole server to be stopped so
you could connect in single user mode to correct certain mistakes, which
are unfortunately all too common.
cheers
andrew
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
