Given some of the recent hubbub and analysis of CVE entries, one part of
the documentation[1] that could be further clarified is what initdb does
by default, i.e. creates a cluster where users can connect with trust
authentication. While this may be great for people who are hacking or
running PostgreSQL in a trusted local environment, this may not make
sense for many (most?) other systems.
The attached patch clarifies this fact and adds a "warning" box just
below the initdb examples that provides recommendations to create a more
secure environment. It also removes the section that discusses this
below the part that discusses securing the directory, as really this
explanation should go right after the "initdb" call.
(There could be an additional discussion about whether or not we want to
change the default behavior for initdb, but I would suggest that a safe
starting point would be to ensure we call this out)
Credits to Magnus for pointing this out, and Tom + Andrew D. for review
before posting to list.
Jonathan
[1] https://www.postgresql.org/docs/current/creating-cluster.html