Peter Eisentraut <pete...@gmx.net> writes:
>> (Note that you would still need a non-default setting of
>> listen_addresses for "-h machine_name" to actually work.)
> Which makes this proposal kind of uninteresting.
Well, it's one less thing that has to be fixed for local connections
to work smoothly.
> Plus, with @authmethod@ being mostly "trust", how much faith do we have
> in samehost never giving any false positives?
Having looked at the code, I think that samehost is pretty safe. I'm
still worried about samenet picking up a bogusly broad netmask --- but
samehost hard-wires the netmask at all-ones. Even if your network
configuration is really screwed up, the kernel isn't going to send that
traffic off-machine. So I think it will act as advertised.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
