Re: [HACKERS] Another crack at doing a Win32

From: Andrew Dunstan <andrew(at)dunslane(dot)net>
To: pgsql-hackers-win32(at)postgresql(dot)org
Subject: Re: [HACKERS] Another crack at doing a Win32
Date: 2004-03-05 14:56:29
Message-ID: 4048951D.5070008@dunslane.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers pgsql-hackers-win32 pgsql-patches

I wrote:

>Magnus Hagander said:
>
>
>>>Is there a case for forcing -i and ignoring the GUC setting
>>>on Windows? Since we can't do Unix domain sockets there it
>>>would seem to make sense.
>>>
>>>
>>Yeah, that could be done. I was more into doing a generic fix that
>>would fail gracefully in any case when the server is not listening on
>>anything (no Unix, no TCPIP) and error out then.
>>
>>Are there any other platforms which don't have unix sockets? If not,
>>then that thought is not valid, and we shuold just force it on win32.
>>If not, how do they handle starting of the postmaster without -i today?
>>And do we want the same behaviour there?
>>
>>Perhaps we should force it to open a tcp socket on 127.0.0.1 only? That
>>way we don't suddenly open up to external connections without the user
>>asking for it.
>>
>>
>>
>
>Hmm. That also raises the question of what we should do if virtual_host is
>set.
>
>[thinks some more ...]
>
>
>
.....

How does this sound?

. if -i/tcpip_socket is not set, then bind to localhost
. if -i/tcpip_socket is set, and virtual_host is not set, behave as now
(i.e. bind to all addresses)
. if -i/tcpip_socket is set, and virtual_host is set, bind to all but
immediately close connections where the local address is not either
localhost or the virtual_host.

That seems to me to get as close as reasonably possible to the Unix
behaviour. I don't think that always allowing localhost connections on
Windows is a big security risk.

Also, what is the default connection mode of psql? It should probably be
equivalent to "-h localhost", shouldn't it?

I haven't thought through what might be the IP4/IP6 implications.

cheers

andrew

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Lamar Owen 2004-03-05 15:00:56 Re: Sigh, 7.3.6 rewrap not right
Previous Message Mark Gibson 2004-03-05 14:50:40 Re: Sigh, 7.3.6 rewrap not right

Browse pgsql-hackers-win32 by date

  From Date Subject
Next Message Tom Lane 2004-03-05 15:14:50 Re: [HACKERS] Another crack at doing a Win32 build under MINGW
Previous Message Bruce Momjian 2004-03-05 14:48:32 Re: [HACKERS] Tablespaces

Browse pgsql-patches by date

  From Date Subject
Next Message Tom Lane 2004-03-05 15:14:50 Re: [HACKERS] Another crack at doing a Win32 build under MINGW
Previous Message Bruce Momjian 2004-03-05 14:54:58 Re: notice about costly ri checks (2)