> >> That won't help; that would introduce the "embarrassment" of having a
> >> known default password.
> 
> > No it wouldn't unless the packagers set it up to do that. My point is 
> > that when a packager (or source) runs initdb, it would prompt for the 
> > postgres user password.
> 
> Practically every existing packaging of PG tries to run initdb as a
> hidden, behind-the-scenes, definitely not-interactive procedure.
> 

afaik, practically every existing packaging of pg has *already* solved the 
problem and does not set trust as default anyway. ident sameuser I think is the 
most 
common.

One thing I've thought about doing is to remove the default in initdb 
completely and *force* the user to choose auth type. Packagers can then just 
use that to 
set ident or whatever. and interactive users can pick trust if they really need 
it, but it will be a known choice.

/Magnus
 

---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?

               http://www.postgresql.org/docs/faq

Reply via email to