Re: [HACKERS] TODO list updated
| От | Lamar Owen |
|---|---|
| Тема | Re: [HACKERS] TODO list updated |
| Дата | |
| Msg-id | 387E2BE9.6658C6FD@wgcr.org обсуждение исходный текст |
| Ответ на | Re: [HACKERS] TODO list updated (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Список | pgsql-hackers |
Bruce Momjian wrote: > > * Make postgres user have a password by default > > There's an initdb switch. > OK, now we have to decide if we are going to require this be done as > part of initdb. I am inclined to say the user _has_ to be _prompted_ in > a secure matter for the password as part of initdb. Have a command-line > switch for the password is not secure, IMHO, though it is better than > nothing. > Let's get people's opinions on this, and we can mark it as done. As a packager, and a user, I would like the _option_ of setting a default password using a --prompt-for-password switch. By all means don't make it default to prompting for a password -- there are those who do not need a password on the database superuser account, due to other security measures and connection models (IE, backing a webserver that is handling authentication and pooling connections under a single (nonprivileged) user). -- Lamar Owen WGCR Internet Radio 1 Peter 4:11
В списке pgsql-hackers по дате отправления: