Home > mailing lists

Re: Password requirement in windows installer - Mailing list pgsql-hackers

From	Andrew Sullivan
Subject	Re: Password requirement in windows installer
Date	August 31, 2007 17:44:25
Msg-id	20070831174347.GG12876@phlogiston.dyndns.org Whole thread Raw
In response to	Re: Password requirement in windows installer (Decibel! <decibel@decibel.org>)
Responses	Re: Password requirement in windows installer (Gregory Stark <stark@enterprisedb.com>)
List	pgsql-hackers

Tree view

On Fri, Aug 31, 2007 at 12:30:02PM -0500, Decibel! wrote:
> 
> Is it easy to spoof where an incoming connection request is coming from?
> Is there something else that makes ident on 127.0.0.1/32 insecure?

It shouldn't be easy.  Ident uses TCP, which is rather harder to
spoof.  If someone can originate spoofed TCP packets from 127.0.0.1,
you gots bigger problems than them being able to lie about the
identity of a user.

A

-- 
Andrew Sullivan  | ajs@crankycanuck.ca
However important originality may be in some fields, restraint and 
adherence to procedure emerge as the more significant virtues in a 
great many others.   --Alain de Botton

pgsql-hackers by date:

From: Andrew Dunstan
Date: 31 August 2007, 17:41:55
Subject: Re: enum types and binary queries

From: Decibel!
Date: 31 August 2007, 17:58:46
Subject: Re: enum types and binary queries

Re: Password requirement in windows installer - Mailing list pgsql-hackers

Previous

Next