| From: | Mark Mielke <mark(at)mark(dot)mielke(dot)cc> |
|---|---|
| To: | Brendan Jurd <direvus(at)gmail(dot)com> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Gurjeet Singh <singh(dot)gurjeet(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl> |
| Subject: | Re: Spoofing as the postmaster |
| Date: | 2007-12-23 06:29:13 |
| Message-ID: | 476E0039.7090004@mark.mielke.cc |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Brendan Jurd wrote:
>
> It doesn't solve the spoofing attack problem, but isn't Gurjeet's idea
> a good one in any case?
>
What makes it good? It solves no problems. It prevents the server from
coming up when it otherwise might still be able to.
> If the postmaster can't bind on one of the specified interfaces, then
> at the least, haven't you got got a serious configuration error the
> sysadmin would want to know about? Having postmaster fail seems like
> a sensible response.
>
I don't think it really matters what it does in the grand scheme of
things, as it's not solving a real problem.
> "I can't start with the configuration you've given me, so I won't
> start at all" is fairly normal behaviour for a server process, no
None of my servers work this way. If possible, I try to make my servers
auto-recover at a later time while they are still up. It means an
administrator does not need to login to a machine at the data center to
solve the problem. "Self healing" is a term that is used to describe
approaches such as this.
Cheers,
mark
--
Mark Mielke <mark(at)mielke(dot)cc>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2007-12-23 06:45:14 | Re: Spoofing as the postmaster |
| Previous Message | Bruce Momjian | 2007-12-23 05:36:31 | Re: Spoofing as the postmaster |