Tom Lane wrote: > Tomasz Ostrowski <[EMAIL PROTECTED]> writes: >> So I'm not very fond of this "insecure by default, it's your problem >> to make it secure" attitude. I'm the one who reported this. > > IIRC, you started out your argument by also saying that we had to move > the TCP socket to the reserved range, so as to prevent the equivalent > problem in the TCP case. (And, given the number of clients such as > JDBC that can only connect via TCP, it certainly seems there's little > point in changing the socket case if we don't change the TCP case.)
It should also be noted that not all operating systems even have the concept of a reserved range of ports. > Fundamentally these are man-in-the-middle attacks, and the only real > solution is mutual authentication. Pretending that some quick-fix > change eliminates that class of problem is a recipe for building systems > that are less secure, not more so. And SSL can certainly do that. But I can agree that our SSL documentation could be much clearer on how to do things, and what's a best practice :-) Instead of just adding a section on "preventing spoofing attacks", perhaps what we really need is a general chapter on how to secure your system and what's best practices. Which would also cover things like don't run everything as superuser etc (which is a much more likely problem to be seen in deployments) //Magnus ---------------------------(end of broadcast)--------------------------- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match