When trust authentication is specified,
    PostgreSQL assumes that anyone who can
    connect to the server is authorized to access the database with
    whatever database user name they specify (even superuser names).
    Of course, restrictions made in the database and
    user columns still apply.
    This method should only be used when there is adequate
    operating-system-level protection on connections to the server.
   
    trust authentication is appropriate and very
    convenient for local connections on a single-user workstation.  It
    is usually not appropriate by itself on a multiuser
    machine.  However, you might be able to use trust even
    on a multiuser machine, if you restrict access to the server's
    Unix-domain socket file using file-system permissions.  To do this, set the
    unix_socket_permissions (and possibly
    unix_socket_group) configuration parameters as
    described in Section 20.3.  Or you
    could set the unix_socket_directories
    configuration parameter to place the socket file in a suitably
    restricted directory.
   
    Setting file-system permissions only helps for Unix-socket connections.
    Local TCP/IP connections are not restricted by file-system permissions.
    Therefore, if you want to use file-system permissions for local security,
    remove the host ... 127.0.0.1 ... line from
    pg_hba.conf, or change it to a
    non-trust authentication method.
   
    trust authentication is only suitable for TCP/IP connections
    if you trust every user on every machine that is allowed to connect
    to the server by the pg_hba.conf lines that specify
    trust.  It is seldom reasonable to use trust
    for any TCP/IP connections other than those from localhost (127.0.0.1).