Re: Disabling trust/ident authentication configure option

* Robert Haas (robertmhaas@gmail.com) wrote:
> On Thu, May 7, 2015 at 11:02 AM, Stephen Frost <sfrost@snowman.net> wrote:
> > I realize it's not going to be popular, but I'd love to have 'trust'
> > only allowed if a command-line option is passed to the postmaster or
> > something along those lines.  It's really got no business being an
> > option for a network service like PG.
>
> I disagree wholeheartedly.  There is such a thing as a trusted network.

Likely a good topic of conversation to be had in Ottawa. :)  I agree
that there are trusted networks, but the ones that I work with still
expect network services to require authentication and authorization.
Perhaps they're not really "trusted" then, from your perspective.  On
the other hand, I suppose if you use pg_hba to limit which accounts can
be logged into with 'trust' then you might be able to have, say, a
"read-only" user/database that anyone could see.  That's a pretty narrow
case though and I'd rather we figure out how to address it directly and
more specifically (no-password login roles?) than the broad
disable-all-authentication "trust" method.
Thanks!
    Stephen