Re: Re[2]: [BUGS] BUG #10140: Configured for 127.0.0.1 but binds to all IP - Mailing list pgsql-bugs
| From | Dave Page |
|---|---|
| Subject | Re: Re[2]: [BUGS] BUG #10140: Configured for 127.0.0.1 but binds to all IP |
| Date | |
| Msg-id | CA+OCxoxyMN8WVZ1VHgSpz5p_QLo=R=3dbeDLRtXARME_wThQqw@mail.gmail.com Whole thread Raw |
| In response to | Re[2]: [BUGS] BUG #10140: Configured for 127.0.0.1 but binds to all IP (sdfasdf asdfasdf <sofiamay@mail.ru>) |
| List | pgsql-bugs |
On Sat, Apr 26, 2014 at 8:50 AM, sdfasdf asdfasdf <sofiamay@mail.ru> wrote: > IT IS A SECURITY (NETWORK) BUG (bind to all ip instead of 127.0.0.1). > > 1) I download binare form http://www.enterprisedb.com/products-services-training/pgbindownload > > Versions wich i download: 9.3.4 and 9.2.8 (Win x86-32) > > 2) In config file i wrote: > > listen_addresses = '127.0.0.1' > > 3) Then i do init db and run this command: > > C:\database\PostgreSQL-9.3.4\bin\pg_ctl.exe start -w -D "C:\Postgre" -s -o "-i" > > PostgreSQL start and work fine, but binds to all ips. > > My system is WINDOWS 7. Win7 pro x64. NOT LINUX. > > In Console: > ********************************** > psql -U postgres > show listen_addresses; > > output: > listen_addresses > ------------------ > * > (1 User) > ********************************** > > But show in config file: C:\Postgre\postgresql.conf > > In Console: > ********************************** > sort<C:\Postgre\postgresql.conf > lalala.... > listen_addresses = '127.0.0.1' # what IP address(es) to listen on; > lalala.... > ********************************** > > then > > In Console: > ********************************** > netstat -a > > TCP 0.0.0.0:5432 UserPC:0 LISTENING > TCP [::]:5432 UserPC:0 LISTENING > ********************************** > > I test this bug with 9.3 and 9.2 (Win x86-32) versions of PostgreSQL. Another version not tested (i have not time). > You can check it yourself. I checked it myself, on Windows 7 x86_64, with 9.3 (64 bit) using 127.0.0.1 and 9.2 (32 bit) using localhost. In both cases: - Show listen_addresses returns the expected value. - If I try to connect using my non-loopback addresses, the connections fail. - Netstat shows that the servers are only listening on 127.0.0.1 (ports 5433 and 5436 in this case): C:\Users\dpage\Documents>netstat -an Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:80 0.0.0.0:0 LISTENING TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:2103 0.0.0.0:0 LISTENING TCP 0.0.0.0:2105 0.0.0.0:0 LISTENING TCP 0.0.0.0:2107 0.0.0.0:0 LISTENING TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING TCP 0.0.0.0:8192 0.0.0.0:0 LISTENING TCP 0.0.0.0:8193 0.0.0.0:0 LISTENING TCP 0.0.0.0:8194 0.0.0.0:0 LISTENING TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING TCP 0.0.0.0:49185 0.0.0.0:0 LISTENING TCP 0.0.0.0:49241 0.0.0.0:0 LISTENING TCP 0.0.0.0:49242 0.0.0.0:0 LISTENING TCP 0.0.0.0:49252 0.0.0.0:0 LISTENING TCP 0.0.0.0:49253 0.0.0.0:0 LISTENING TCP 0.0.0.0:51234 0.0.0.0:0 LISTENING TCP 127.0.0.1:5433 0.0.0.0:0 LISTENING TCP 127.0.0.1:5436 0.0.0.0:0 LISTENING ... ... -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company
pgsql-bugs by date: