On 2019-04-06 20:08, Noah Misch wrote: >>> I think we should just change the defaults. There is a risk of warning >>> fatigue. initdb does warn about this, so anyone who cared could have >>> gotten the information. >>> >> >> I've been suggesting that for years, so definite strong +1 for doing that. > > +1
To recap, the idea here was to change the default authentication methods that initdb sets up, in place of "trust".
I think the ideal scenario would be to use "peer" for local and some appropriate password method (being discussed elsewhere) for host.
Looking through the buildfarm, I gather that the only platforms that don't support peer are Windows, AIX, and HP-UX. I think we can probably figure out some fallback or alternative default for the latter two platforms without anyone noticing. But what should the defaults be on Windows? It doesn't have local sockets, so the lack of peer wouldn't matter. But is it OK to default to a password method, or would that upset people particularly?
I'm sure password would be fine there. It's what "everybody else" does (well sqlserver also cord integrated security, but people are used to it).