Re: Open 7.3 items

Bruce Momjian <pgman@candle.pha.pa.us>

From: Bruce Momjian <pgman@candle.pha.pa.us>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2002-07-31T19:28:42Z
Lists: pgsql-hackers
Tom Lane wrote:
> > Socket permissions - only install user can access db by default
> 
> I do not agree with this goal.

OK, this is TODO item:

* Make single-user local access permissions the default by limiting
  permissions on the socket file (Peter E)

Right now, we effectively install initdb as though we are creating a
world-writeable directory on the machine.  (Sure, the directory is
locked down, but by setting PGUSER you can connect to the database as
anyone.)  I don't know any other software that does this, and I can't
see how we can justify the current behavior.

Another idea is to change pg_hba.conf to not default to 'trust' but then
the installing user is going to have to choose a password.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026