> Does this mean that the TCP port is dangerous, or that the multiple > instances of the socket is dangerous?? > What is the danger with it?
I believe the danger is that it may be externally visible, allowing outsiders to start and stop your servers, add new backends and redirect traffic to them, etc... It should be safe enough if the socket only listens on the loopback address, but in that case, you may as well use Unix sockets. Otherwise, make sure that you have strong authentication on the socket, a good firewall, and a trusted network - and ask yourself whether you really need it. In some cases, it may be feasible to listen on the loopback address and access it via an SSH tunnel.
