Re: Adding Rendezvous support to postmaster

From: Peter Bierman <bierman(at)apple(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Chris Campbell <chris(at)bignerdranch(dot)com>, pgsql-patches(at)postgresql(dot)org
Subject: Re: Adding Rendezvous support to postmaster
Date: 2003-05-28 22:32:46
Message-ID: a05210207bafae720684f@[17.202.21.231]
Lists: pgsql-patches

At 2:30 AM -0400 5/26/03, Tom Lane wrote:
>Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
>> I will apply this patch soon,
>
>> Chris Campbell wrote:
>>> This allows client programs running on computers that are on the same
>>> link-local network as the postgresql server to automatically find the
>>> server's IP address and port number. This adds great ease-of-use for
>>> end users.
>
>Are there any security issues that we should be worrying about here?

Rendezvous is only a service discovery protocol. There are no
security issues beyond those inherent in making the postmaster
service available at all. Think nmap, simplified.

There could be security implications for clients that connect via the
Rendezvous name and use no other authentication to verify that they
are talking to the server they expect. These risks are similar to the
risks posed by DNS spoofing for example.

>>> Rendezvous also has the notion of a service type string. It's a bit
>>> like a domain name: I suggest we use "_pgsql._tcp." (another example
>>> would be "_ftp._tcp.").
>
>Is there some central authority that we need to register this name
>with?

No, but using the IANA service registration "postgresql" would
probably be the best choice.

PS: It'd be nice to have a corresponding patch for psql that offered
a menu of available postmasters.

-pmb
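
The client-side risk raised in the message above (trusting a discovered name with no further check of the server's identity), as an added example that is not part of the original message or of the PostgreSQL code base: the discovery answer is used only for routing, while the name the server certificate must match comes from local configuration. The trust table, hostname, CA path and sample discovery answer are constructed; `host`, `hostaddr`, `port`, `sslmode` and `sslrootcert` are libpq connection parameters.

```python
import ipaddress

# Constructed local trust configuration: mDNS instance name -> identity the
# server is expected to prove. Hostname and CA path are placeholders.
TRUSTED = {
    "Accounting DB": {"cert_host": "db1.example.internal",
                      "sslrootcert": "/etc/pgclient/site-ca.pem"},
}

def _quote(value):
    """Quote a value for a libpq conninfo string (escape \\ and ')."""
    s = str(value)
    return "'" + s.replace("\\", "\\\\").replace("'", "\\'") + "'"

def conninfo_for(discovered, trusted=TRUSTED):
    """Build a conninfo string for a discovered service.

    The discovery answer supplies routing only (address, port). The name the
    certificate must match comes from local configuration, so a spoofed
    answer can redirect the connection but cannot pass verification.
    """
    entry = trusted.get(discovered["instance"])
    if entry is None:
        # No pinned identity: refuse rather than connect unauthenticated.
        raise LookupError("no pinned identity for %r" % discovered["instance"])
    addr = ipaddress.ip_address(discovered["address"])  # rejects non-IP input
    port = int(discovered["port"])
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    params = [
        ("host", entry["cert_host"]),      # name checked against the cert
        ("hostaddr", str(addr)),           # where to connect (from discovery)
        ("port", port),
        ("sslmode", "verify-full"),        # verify chain and host name
        ("sslrootcert", entry["sslrootcert"]),
    ]
    return " ".join("%s=%s" % (k, _quote(v)) for k, v in params)

# Constructed discovery answer, as a browse/resolve step might return it.
SAMPLE = {"instance": "Accounting DB", "address": "169.254.10.20", "port": 5432}

if __name__ == "__main__":
    print(conninfo_for(SAMPLE))
```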
