Quick Links

Re: Password requirement in windows installer

From:	Decibel! <decibel(at)decibel(dot)org>
To:	Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc:	Dave Page <dpage(at)postgresql(dot)org>, PostgreSQL-development list <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Password requirement in windows installer
Date:	2007-08-31 17:30:02
Message-ID:	20070831173002.GA38801@decibel.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Fri, Aug 31, 2007 at 12:37:16PM -0400, Andrew Dunstan wrote:
>
>
> Decibel! wrote:
> >Is there something insecure about using ident sameuser for localhost
> >authentication on Windows?
> >
>
> FWIW, I never advise people to use ident auth for postgres except on
> local (a.k.a. Unix domain socket) connections, which don't exist on Windows.

Is it easy to spoof where an incoming connection request is coming from?
Is there something else that makes ident on 127.0.0.1/32 insecure?
--
Decibel!, aka Jim Nasby decibel(at)decibel(dot)org
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)

In response to

Re: Password requirement in windows installer at 2007-08-31 16:37:16 from Andrew Dunstan

Responses

Re: Password requirement in windows installer at 2007-08-31 17:43:47 from Andrew Sullivan

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andrew Dunstan	2007-08-31 17:41:47	Re: enum types and binary queries
Previous Message	Decibel!	2007-08-31 17:17:14	Re: enum types and binary queries