On 05/07/2015 01:32 AM, Jim Nasby wrote:
> On 5/6/15 12:56 PM, Peter Eisentraut wrote:
>>> I think this is a sufficiently general requirement to warrant including
>>> an option to disable this, as most hardening guides I have seen for
>>> PostgreSQL unconditionally require to disable trust authentication and
>>> disabling it in the code removes the need to check this in the runtime
>>> configuration.
>> I think people would be interested in well-thought out, generalized
>> hardening facilities. But that would likely include other things than
>> just disabling an authentication method or two. And we can't be adding
>> a new compile-time option as we add each one. We need a more general
>> approach.
>
> Yeah. I think one of the big use cases here is that many environments
> are OK with at least ident (if not trust) but only from the local
> machine. So you'd probably want to handle that somehow.
That's called 'peer', since 9.1.
- Heikki