On Mon, Feb 15, 2010 at 3:45 PM, Fujii Masao <masao.fujii@gmail.com> wrote:
> On Fri, Feb 12, 2010 at 11:46 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Even more to the point is that some of them, like PGPORT, are highly
>> likely to be set in a server's environment to point to the server
>> itself. It would be extremely dangerous to automatically try to start
>> replication just because we find those set. In fact, I would argue that
>> we should fix things so that any such variables inherited from the
>> server environment are intentionally *NOT* used for making SR
>> connections.
This Tom's complaint is listed as a TODO item. How should we treat this?
I'm leaning toward postponing the item to v9.1 or later. Currently the
server during recovery doesn't accept the replication connection. So
it's not so dangerous for walreceiver to use the environment variables
which might point to the server itself, I think. That connection is
always refused.
Let us revisit this issue when we allow the standby server to accept the
replication connection from another standby? And I think that we should
prevent the standby from accepting the connection from its walreceiver,
rather than prevent the standby from using the environment variables.
Regards,
--
Fujii Masao
NIPPON TELEGRAPH AND TELEPHONE CORPORATION
NTT Open Source Software Center
