Re: Open 7.3 items
Bruce Momjian <pgman@candle.pha.pa.us>
From: Bruce Momjian <pgman@candle.pha.pa.us>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2002-07-31T19:28:42Z
Lists: pgsql-hackers
Tom Lane wrote: > > Socket permissions - only install user can access db by default > > I do not agree with this goal. OK, this is TODO item: * Make single-user local access permissions the default by limiting permissions on the socket file (Peter E) Right now, we effectively install initdb as though we are creating a world-writeable directory on the machine. (Sure, the directory is locked down, but by setting PGUSER you can connect to the database as anyone.) I don't know any other software that does this, and I can't see how we can justify the current behavior. Another idea is to change pg_hba.conf to not default to 'trust' but then the installing user is going to have to choose a password. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026