Re: host name support in pg_hba.conf - Mailing list pgsql-hackers

From Tom Lane
Subject Re: host name support in pg_hba.conf
Date
Msg-id 6068.1286331472@sss.pgh.pa.us
In response to Re: host name support in pg_hba.conf  (KaiGai Kohei <kaigai@ak.jp.nec.com>)
Responses Re: host name support in pg_hba.conf
Re: host name support in pg_hba.conf
List pgsql-hackers
KaiGai Kohei <kaigai@ak.jp.nec.com> writes:
>> Note that we already default listen_addresses to 'localhost', so it
>> would only make sense to have pg_hba.conf behave the same by default.
>> To pick up on your argument, we effectively *do* make assumptions
>> about /etc/hosts now, and this change would remove them.
>> 
> Sorry, I misread something.
> I read the previous discussions again, and now I see that I misread the reason
> why Robert disagreed with this replacement. He said we should not assume
> that resolving localhost is fast enough because of the local /etc/hosts; he was
> not saying we should not assume localhost is "127.0.0.1" or "::1". Right?

> Well, in my personal opinion, we should not assume the way localhost is
> resolved, but we can expect more than 99.9% of hosts to resolve localhost
> using the local /etc/hosts. Even if there is a curious setting, it will pay
> a bit more cost on connection. That is the responsibility of the DBA.

> I agree with replacing "127.0.0.1" and "::1" with "localhost".
> It makes it possible to eliminate the assumption that localhost has either of
> those addresses.

This argument is completely unfounded in reality.  Please go read the
relevant RFCs.  127.0.0.1 is standardized as the IPv4 loopback address
(see RFC3330), and ::1 is standardized as the IPv6 loopback address (see
RFC1884 section 2.4.3).  So far as I can find, there is *no* standard
mandating that localhost means the loopback address.  RFC1537 suggests
that DNS domains "should" resolve localhost.anything as 127.0.0.1; but
that is a lot weaker than the other specifications, and there's nothing
whatever to promise that it will work in a DNS-less environment.

In fact, we have seen cases where it didn't work even with publicly
available DNS servers, eg
http://archives.postgresql.org/pgsql-admin/2010-05/msg00073.php

That example leads me to think that using localhost in the default
pg_hba.conf file would actually be a security hazard: you would be
placing it in the hands of your DNS provider as to which addresses
Postgres will believe are "local" connections.  That's an OK decision
for individual admins to make, but it's not a good idea for us to ship
it as a universal default.  (Note that relying on the DNS provider to
interpret listen_addresses is not nearly as dangerous, since in any case
the kernel isn't going to let us bind() to nonlocal addresses.)

On top of that, there's no way for your DNS server to know whether your
local kernel speaks IPv6 or not, so you might not get a resolution of
the name that includes the appropriate loopback addresses.  This may or
may not have anything to do with the reports we occasionally get of
people having to change listen_addresses to "*" to get things to work.

Between these issues and the speed concern, I don't think that we should
change this.
        regards, tom lane
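
The following is an added example, not part of the original message or of PostgreSQL: a check an administrator could run to see which addresses the system resolver returns for localhost, flagging non-loopback results and a missing 127.0.0.1 or ::1. The function names and the constructed resolver are assumptions for illustration; it inspects only the resolver's answer, not how any PostgreSQL version matches host names.

```python
import ipaddress
import socket

LOOPBACK_V4 = ipaddress.ip_address("127.0.0.1")
LOOPBACK_V6 = ipaddress.ip_address("::1")

def resolve(name, resolver=socket.getaddrinfo):
    """Return every distinct address the resolver gives for `name`."""
    try:
        infos = resolver(name, None, socket.AF_UNSPEC, socket.SOCK_STREAM)
    except socket.gaierror:
        return []  # the name does not resolve at all
    addrs = set()
    for _family, _type, _proto, _canon, sockaddr in infos:
        # Strip an IPv6 zone id ("fe80::1%eth0") before parsing.
        addrs.add(ipaddress.ip_address(sockaddr[0].split("%")[0]))
    return sorted(addrs, key=lambda a: (a.version, int(a)))

def audit_localhost(name="localhost", resolver=socket.getaddrinfo):
    """Summarize what `name` resolves to and whether it stays on loopback."""
    addrs = resolve(name, resolver)
    return {
        "addresses": [str(a) for a in addrs],
        # Anything listed here is an address outside 127.0.0.0/8 and ::1.
        "non_loopback": [str(a) for a in addrs if not a.is_loopback],
        "has_ipv4_loopback": LOOPBACK_V4 in addrs,
        "has_ipv6_loopback": LOOPBACK_V6 in addrs,
    }

def fake_resolver(addresses):
    """Constructed stand-in for getaddrinfo(), so the check runs offline."""
    def resolver(name, port, family=0, type=0):
        out = []
        for a in addresses:
            v6 = ":" in a
            fam = socket.AF_INET6 if v6 else socket.AF_INET
            out.append((fam, type, 6, "", (a, 0, 0, 0) if v6 else (a, 0)))
        return out
    return resolver

if __name__ == "__main__":
    print("this host:", audit_localhost())
    # Constructed case: the resolver hands back a non-local (TEST-NET-3) address.
    print("constructed:", audit_localhost(resolver=fake_resolver(["203.0.113.7"])))
```

A non-empty `non_loopback` list, or a false `has_ipv6_loopback` on a host whose kernel speaks IPv6, corresponds to the two resolver problems the message describes.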

