* Robert Haas (robertmh...@gmail.com) wrote: > On Thu, May 7, 2015 at 11:02 AM, Stephen Frost <sfr...@snowman.net> wrote: > > I realize it's not going to be popular, but I'd love to have 'trust' > > only allowed if a command-line option is passed to the postmaster or > > something along those lines. It's really got no business being an > > option for a network service like PG. > > I disagree wholeheartedly. There is such a thing as a trusted network.
Likely a good topic of conversation to be had in Ottawa. :) I agree
that there are trusted networks, but the ones that I work with still
expect network services to require authentication and authorization.
Perhaps they're not really "trusted" then, from your perspective. On
the other hand, I suppose if you use pg_hba to limit which accounts can
be logged into with 'trust' then you might be able to have, say, a
"read-only" user/database that anyone could see. That's a pretty narrow
case though and I'd rather we figure out how to address it directly and
more specifically (no-password login roles?) than the broad
disable-all-authentication "trust" method.
Thanks!
Stephen
signature.asc
Description: Digital signature
