| From: | Francisco Olarte <folarte(at)peoplecall(dot)com> |
|---|---|
| To: | Merlin Moncure <mmoncure(at)gmail(dot)com> |
| Cc: | Marcin Giedz <marcin(dot)giedz(at)arise(dot)pl>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: libpq heartbeat |
| Date: | 2016-10-27 16:18:19 |
| Message-ID: | CA+bJJbxoMSvN3F1V1m__Xpfkc2eajyQCR_UbPGmmvHGa4ry5Yg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Merlin:
On Thu, Oct 27, 2016 at 6:10 PM, Merlin Moncure <mmoncure(at)gmail(dot)com> wrote:
> On Thu, Oct 27, 2016 at 10:01 AM, Francisco Olarte
> <folarte(at)peoplecall(dot)com> wrote:
>> And I'd like to point libpq sessions does not sound to be the best
>> kind of traffic across a firewall, not a good service / protocol to
>> expose.
> meh -- it's perfectly fine to expose postgres to the internet as long
> as you've handled the security concerns.
It is, but handling them is not easy, and you have to deal with things
like DoS which are not trivial on the server ( as it is a heavy
service ). It can be done, and sometimes needs to be done, but is not
a thing to take over lightly.
> This could be over ssh tunnel for example.
In which case it is NOT exposed to the internet. What are you trying to say?
Francisco Olarte.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2016-10-27 16:32:54 | Re: libpq heartbeat |
| Previous Message | Merlin Moncure | 2016-10-27 16:10:50 | Re: libpq heartbeat |