On Wed, Sep 10, 2003 at 12:49:31 -0400, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> The question is whether any of this is worth worrying about in PG.
> ISTM the correct solution to such a risk is to tighten your kernel's
> packet filtering, not harden one piece of one application.
On linux at least, it is pretty easy to make sure packets claiming to
be from loopback are dropped if they don't come in on the loopback
interface.