Re: Spoofing as the postmaster
| От | Mark Mielke |
|---|---|
| Тема | Re: Spoofing as the postmaster |
| Дата | |
| Msg-id | 476E0039.7090004@mark.mielke.cc обсуждение исходный текст |
| Ответ на | Re: Spoofing as the postmaster ("Brendan Jurd" <direvus@gmail.com>) |
| Ответы |
Re: Spoofing as the postmaster
|
| Список | pgsql-hackers |
Brendan Jurd wrote: <blockquote cite="mid:37ed240d0712221807w6d6c0ffbib15b17aaa48b0482@mail.gmail.com" type="cite"><br /><prewrap="">It doesn't solve the spoofing attack problem, but isn't Gurjeet's idea a good one in any case? </pre></blockquote> What makes it good? It solves no problems. It prevents the server from comingup when it otherwise might still be able to.<br /><blockquote cite="mid:37ed240d0712221807w6d6c0ffbib15b17aaa48b0482@mail.gmail.com"type="cite"><pre wrap=""> If the postmaster can't bind on one of the specified interfaces, then at the least, haven't you got got a serious configuration error the sysadmin would want to know about? Having postmaster fail seems like a sensible response. </pre></blockquote> I don't think it really matters what it does in the grand scheme of things, as it'snot solving a real problem.<br /><blockquote cite="mid:37ed240d0712221807w6d6c0ffbib15b17aaa48b0482@mail.gmail.com" type="cite"><prewrap=""> "I can't start with the configuration you've given me, so I won't start at all" is fairly normal behaviour for a server process, no</pre></blockquote> None of my servers work this way. Ifpossible, I try to make my servers auto-recover at a later time while they are still up. It means an administrator doesnot need to login to a machine at the data center to solve the problem. "Self healing" is a term that is used to describeapproaches such as this.<br /><br /> Cheers,<br /> mark<br /><br /><pre class="moz-signature" cols="72">-- Mark Mielke <a class="moz-txt-link-rfc2396E" href="mailto:mark@mielke.cc"><mark@mielke.cc></a> </pre>
В списке pgsql-hackers по дате отправления: