> I'm not sure I understand the compatibility fallout. Like, who would be angry if we did that? From my very first message: > Breaking change in setups with ignored "passfile" (edge-case, not likely) So unless I am missing something this only affects people who ran into a permission issue, left the open passfile in-place and found another way to provide the password that Postgres was happy with.
> [...], so that idea that we can force "safe" permissions is a little bit laughable. Another slightly ridiculous example above: A user may leave the vulnerable passfile in place, ignore the warning and provide the password other way. The error would ensure they need to clean their passfile up.
