Andres, * Andres Freund (and...@anarazel.de) wrote: > On 2015-05-20 15:42:23 -0400, Stephen Frost wrote: > > > So the first thing to establish is "other than Volker himself, who are > > > we helping here?" > > > > I don't agree with this either. Providing a "bypass all authentication" > > configuration option really isn't a good thing. Why don't packagers use > > our default pg_hba.conf? Because it only makes sense in a development > > type of environment. I'd argue the same is true for 'trust'. > > Uh. So if the shit hit the fan because you mismanaged a password > rollover, kereberos is down, or something like that, and you can't > access postgres anymore you want to recompile? And no peer isn't an > answer isn't an answer, it's not available on windows. Your only way out > is going to be single user mode. But wait, that's a security hole too.
Apologies for not being clearer. I agree that we need an alternative for addressing this use-case before we can consider getting rid of 'trust' or not having it built into the binaries which are distributed. In other words, I agree with you that we can't simply get rid of 'trust' without having another solution. I *do* believe that a real single-user mode that is only available to the owner of the cluster would go a long way towards this goal. If 'trust' was only able to be used by the owner of the database, I'd have much less of an issue with it. > I find the arguments presented in this thread for a configure option > entirely unconvincing. If you'd argued for a saner default > authentication setup: I'd be on board with that. But this seems just a > pointless exercise in making things more complicated. Thankfully, the packagers have already addressed the insecure default that the source build provides for pg_hba.conf and so we don't need to worry about it (except perhaps for new distributions or new packagers, but I hope they'll usually look at the existing packages and not just distribute what we provide as the default pg_hba.conf). Thanks! Stephen
signature.asc
Description: Digital signature