| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Olaf Bohlen <olbohlen(at)eenfach(dot)de> |
| Cc: | buildfarm-members(at)postgresql(dot)org |
| Subject: | Re: SSL tests |
| Date: | 2024-04-04 14:29:17 |
| Message-ID: | 192d7b4f-16e4-404c-ac4b-9f8fa680f5cf@dunslane.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | buildfarm-members |
On 2024-04-04 Th 09:59, Olaf Bohlen wrote:
> Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
>
> Hi Andres,
>
>> In general, unless your animal is running on a multi-user system,
>> enabling these tests should be safe, which you could do by
>> uncommenting the last line above or inserting it into your config file
>> if not present.
> Could you elaborate a bit on this? My animal is indeed running as
> a Container on a multi-user system. Is it "just" extreme cpu
> intensive or are there other aspects?
>
No, it's more a security issue. We have to run the server for SSL tests
with TCP enabled, meaning other users on the localhost can connect to
it. If untrusted users in your multi-user environment can connect to a
socket in your container, then you probably should not turn this on.
cheers
andrew
--
Andrew Dunstan
EDB: https://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2024-04-04 16:01:55 | Re: Server upgrade. |
| Previous Message | Wolfgang Walther | 2024-04-04 14:17:46 | Re: SSL tests |