On 7/22/19 3:15 PM, Tom Lane wrote: > I wrote: >> BTW, it looks like the Windows buildfarm critters have a >> separate problem: they're failing with >> initdb: error: must specify a password for the superuser to enable md5 >> authentication > I tried doing a run on gaur (old HPUX, so no "peer" auth) before the > revert happened. It got as far as initdb-check [1], which failed quite > thoroughly with lots of the same error as above. Depressingly, a lot of > the test cases that expected some type of error "succeeded", indicating > they're not actually checking to see which error they got. Boo hiss. > > Presumably Noah's AIX menagerie would have failed in about the > same way if it had run. > > So we've got a *lot* of buildfarm work to do before we can think about > changing this.
Ouch. I'll test more on Windows. > > Frankly, this episode makes me wonder whether changing the default is > even a good idea at this point. People who care about security have > already set up their processes to select a useful-to-them auth option, > while people who do not care are unlikely to be happy about having > security rammed down their throats, especially if it results in the > sort of push-ups we're looking at having to do in the buildfarm. > I think this has effectively destroyed the argument that only > trivial adjustments will be required. > > regards, tom lane > > [1] > https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=gaur&dt=2019-07-22%2017%3A08%3A27 > There's a strong tendency these days to be secure by default, so I understand the motivation. cheers andrew -- Andrew Dunstan https://www.2ndQuadrant.com PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
