Jan Wieck <[EMAIL PROTECTED]> writes:
> So either we do the random signature thing, which I would favor as a one
> time be all, end all solution - or you do the actual from-address based
> implementation by restoring the old IPV4 behaviour and adding correct
> IPV6 behaviour.
My feeling at this point is that it's not worth spending any effort on.
But if someone wants to expend effort, let's go with Jan's
random-signature idea. That is simple, unquestionably portable, and
AFAICS it defends against more than the source-address check would
defend against, even after we got it right. (Consider spoofed packet
source addresses.)
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
