Jan Wieck <[EMAIL PROTECTED]> writes: > So either we do the random signature thing, which I would favor as a one > time be all, end all solution - or you do the actual from-address based > implementation by restoring the old IPV4 behaviour and adding correct > IPV6 behaviour.
My feeling at this point is that it's not worth spending any effort on. But if someone wants to expend effort, let's go with Jan's random-signature idea. That is simple, unquestionably portable, and AFAICS it defends against more than the source-address check would defend against, even after we got it right. (Consider spoofed packet source addresses.) regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faqs/FAQ.html