| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Bruce Momjian <bruce(at)momjian(dot)us>, Brendan Jurd <direvus(at)gmail(dot)com>, Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl> |
| Subject: | Re: Spoofing as the postmaster |
| Date: | 2007-12-23 19:37:26 |
| Message-ID: | 14195.1198438646@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Magnus Hagander <magnus(at)hagander(dot)net> writes:
> Peter Eisentraut wrote:
>> These services either use a protected port or a protected directory, or they
>> support SSL or something similar (SSH), or they are deprecated, as many
>> traditional Unix services are. If you find a service that is not covered by
>> this, then yes, you have a problem.
> It's certainly the default on my SQL Servers. And Sybase. AFAIK it's the
> default on MySQL,
Nyet. I find this in configure.in in mysql 5.0.45 (reasonably current):
# The port should be constant for a LONG time
MYSQL_TCP_PORT_DEFAULT=3306
MYSQL_UNIX_ADDR_DEFAULT="/tmp/mysql.sock"
I see that Red Hat's RPM specfile overrides that:
--with-unix-socket-path=/var/lib/mysql/mysql.sock
which was a decision that was taken long before I had anything to do
with it. Note that neither the out-of-the-box default nor the
RH-modified convention appear to support multiple servers on the same
box with any degree of convenience; the server doesn't adjust the path
name depending on port number.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2007-12-23 19:40:56 | Re: Spoofing as the postmaster |
| Previous Message | Andrew Dunstan | 2007-12-23 15:57:17 | Re: Spoofing as the postmaster |