Home > mailing lists

Re: enabling tcpip_socket by default - Mailing list pgsql-hackers

From	Tatsuo Ishii
Subject	Re: enabling tcpip_socket by default
Date	May 17, 2004 07:40:40
Msg-id	20040517.164025.35007710.t-ishii@sra.co.jp Whole thread Raw
In response to	Re: enabling tcpip_socket by default (Marko Karppinen <marko@karppinen.fi>)
Responses	Re: enabling tcpip_socket by default
List	pgsql-hackers

Tree view

> > Tatsuo Ishii wrote:
> >> Is there any security risk if we enable tcpip_socket by default? We
> >> restrict connection from localhost only by default so I think enabling
> >> tcpip_socket adds no security risk. Please correct me if I am wrong.
> 
> Bruce Momjian wrote:
> > Right, and 7.5 will ship with tcp and localhost enabled.
> 
> If the default will be to listen on all interfaces, not just 127.0.0.1,
> then this IS a security risk. And if that's not the plan, what good does
> this change do? Any "real" use of tcp would still require a 
> configuration
> change anyway.

Consider a program using JDBC on localhost. It can only reach to
PostgreSQL via TCP/IP.
--
Tatsuo Ishii

pgsql-hackers by date:

From: Marko Karppinen
Date: 17 May 2004, 07:29:51
Subject: Re: enabling tcpip_socket by default

From: Philip Yarra
Date: 17 May 2004, 07:40:58
Subject: Re: enabling tcpip_socket by default

Re: enabling tcpip_socket by default - Mailing list pgsql-hackers

Previous

Next