> >>No, but none of the others are better. See previous discussions in > >>the archives. I don't think the situation has changed any > since the > >>last time we hashed this out. > > > > If they supply a password to initdb, shouldn't we then require a > > password in pg_hba.conf. > > This is further to my previous suggestion that we output the > encoding that is being defaulted to. > > NEW USERS DO NOT KNOW THAT -W EXISTS! > > Even the majority of experienced users don't!
Exactly... How about requiring them to put in *either* -W (or --pwfile of course) *or* a switch that *explicitly* enables trust. And if they don't put in either of these parameters, refuse to initdb. (are other params required?) That will at least require a concious decision to enable the unsafe stuff. And packagers/distributions can add that trust switch if it's necessary by their packaging system (which arguably is not very flexible if it does, but I assume this is the reason why the default wasn't changed - can't find the old discussions in the archives) This will require initdb to edit pg_hba.conf on the fly and not just copy it in, but that shuoldn't be too hard. //Magnus ---------------------------(end of broadcast)--------------------------- TIP 9: the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match