We have always been impressed with the Postgres project and team. The
whole hybrid SQL / JSONB functionality rocks. The scalability rocks.
The speed and stability rock. At the command line, Postgres rocks. But
in applications we have had some real, and not improving pain points:
#1) pg_hba conf
Out of the box the md5 setting blocks access. Most "advice" say change
to "all all trust" and indeed that works. But that seems a big security
issue. Specifying a postgres role, password, and peer does not seem to
work. And this approach is problematic if there are many roles or even
dynamically created roles.
Or is pb_hba conf set up for web sockets and we should be using sockets?
For general use, it seems we should not have to modify this file - it
should "just work" with good security.
--
Support Dept
Tiger Nassau, Inc.
www.tigernassau.com
406-624-9310