On Sat, Jun 23, 2007 at 06:14:23PM +0200, Magnus Hagander wrote:
> The benefit would be that PostgreSQL would be "secure by default". Which
> we are *not* today.
To achieve the "secure by default" feature that you want (and I like
the scare-quotes -- I agree with those that think this adds no real
security, but I think you're right to worry about the perception
angle in this case), why not have a ./configure option that sets the
default trust level for the build? The option could default to
something "secure", but experienced users' build scripts would only
have to be altered to include --default-authentication="trust" or
something like that. Using this approach, packagers can also
continue to do what they want.
A
--
Andrew Sullivan | ajs@crankycanuck.ca
However important originality may be in some fields, restraint and
adherence to procedure emerge as the more significant virtues in a
great many others. --Alain de Botton