Re: Bugtraq: Having Fun With PostgreSQL

On Tue, Jun 26, 2007 at 03:08:59PM -0400, Tom Lane wrote:
> It still wouldn't make us "secure by default".  Not unless you propose
> to actually change the default.

Perhaps I wasn't clear enough, but the suggestion I made (for
something I actually don't care about, I hasten to add again) was
that the configure switch _would_ be set to something different by
default.  So it would require that those who need trust to work would
have to enable it on purpose; but (I suggested) at a not-too-invasive
point.  It'd just be another configure option, and you usually have
to reconsider those at major version upgrade anyway.  Nevertheless,

> In any case, what is "secure by default"?  

. . .I agree that the checkbox is a dumb one.  I think the entire
topic isn't worth the amount of electrons already spilled over it.  I
don't see anyone clamouring for this and I see at least one person
strongly opposed.  I think it should be regarded as Dead, Jim.

A

-- 
Andrew Sullivan  | ajs@crankycanuck.ca
I remember when computers were frustrating because they *did* exactly what 
you told them to.  That actually seems sort of quaint now.    --J.D. Baldwin