On Thu, 27 Apr 2000, Jan Wieck wrote:
> The default of "local all trust" is something I allways
> considered insecure.
No kidding.
> If we add a permissions field to the local entry, the
> postmaster can chmod() the socket file after creating it (and
> maybe drain out waiting connections that slipped in between
> after a second before accepting the first real one). The
> default hba would then read:
>
> local all trust 0770
> host all 127.0.0.1 255.255.255.255 ident sameuser
I think I like that idea.
--
Peter Eisentraut Sernanders väg 10:115
peter_e@gmx.net 75262 Uppsala
http://yi.org/peter-e/ Sweden