Brendan Jurd wrote:
> It doesn't solve the spoofing attack problem, but isn't Gurjeet's idea
> a good one in any case?
What makes it good? It solves no problems. It prevents the server from
coming up when it otherwise might still be able to.
> If the postmaster can't bind on one of the specified interfaces, then
> at the least, haven't you got got a serious configuration error the
> sysadmin would want to know about? Having postmaster fail seems like
> a sensible response.
I don't think it really matters what it does in the grand scheme of
things, as it's not solving a real problem.
> "I can't start with the configuration you've given me, so I won't
> start at all" is fairly normal behaviour for a server process, no
None of my servers work this way. If possible, I try to make my servers
auto-recover at a later time while they are still up. It means an
administrator does not need to login to a machine at the data center to
solve the problem. "Self healing" is a term that is used to describe
approaches such as this.
Mark Mielke <mark(at)mielke(dot)cc>
In response to
pgsql-hackers by date
|Next:||From: Tom Lane||Date: 2007-12-23 06:45:14|
|Subject: Re: Spoofing as the postmaster |
|Previous:||From: Bruce Momjian||Date: 2007-12-23 05:36:31|
|Subject: Re: Spoofing as the postmaster|