Re: Use "samehost" by default in pg_hba.conf?

Jaime Casanova <jcasanov@systemguards.com.ec> wrote:
> Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>
>> Although come to think of it ... is there any reason besides sheer
>> conservatism to not make the default listen_addresses value '*'?
> 
> just my 2 cents. but i always wondered about the existence of
> listen_addresses at all... to me the only reason it exists is to
> force me to change 'localhost' to '*' after installing, something i
> always do almost automaticaly =)
For all the reasons already given, -1 from me for changing the default
of listen_addresses or eliminating it.
Trust authentication has a few valid use cases, but it does tend to
worry me that people may leave it enabled in inappropriate situations
on production clusters.  I don't see how we could get rid of it, but
I'd be OK with a warning in the log when a pg_hba.conf file is
processed which contains any trust entries.
-Kevin