On Thu, Oct 1, 2009 at 11:35 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Stef Walter <stef-l...@memberwebs.com> writes: >> Tom Lane wrote: >>> Now that the samehost/samenet patch is in, I wonder if it wouldn't be >>> a good idea to replace this part of the default pg_hba.conf file: > >> You're probably not suggesting this, but I would be against a default >> setting of 'samehost' used with 'trust'. > >> Essentially that would be the same as rlogin rsh, where if the user can >> spoof a TCP connection, he can connect to postgresql. Depending on the >> platform, an interface may have to be down for this to work. > > Is there any actual risk here that we aren't taking already just by > allowing 127.0.0.1?
I wouldn't bet that there isn't. I don't really think there's any need for our default configuration to be at the mercy of every half- baked TCP/IP implementation out there. A socket file in /tmp can't be remotely hacked (well, not directly anyway); anything else is further from a sure thing. ...Robert -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
