Tom Lane wrote:
> I was about to say "I give up, let's just take out the comparison".
> Your point is interesting but easily avoided; if we aren't going to check
> fromaddr anymore then there's no need to use recvfrom(), it could as
> well be recv() and save the kernel a few cycles.
Which then get's us back to your concern about assuming that HPUX and
Linux manpages can be taken as "every platform will" and hope all
kernels will limit the sender for recv() to the connected address.
Since all involved processes are children of the postmaster, we can add
some other, random number based security signature into the message
itself. Noone outside will know what that is, it's really hard to guess
and can be checked with a few int32 compares, not even a function call
required.
Jan
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck@Yahoo.com #
