On Tue, 16 Dec 2003, scott.marlowe wrote: > > > If you want to prevent "accidential" access, start postmaster on a > > > non-standard port. > > > > That seems like an unfriendly thing to do. You'd have to check to see what > > port is "standard" for this particular installation, and pick something > > else. You may choose an unused port, but perhaps it needs to be used in a > > few minutes by some other process, but then will be occupied. The > > administrator may also not be happy to have an open port facing the world, > > or even just other possibly untrusted users on the same machine, assuming > > you bind to localhost. > > But aren't ports above a certain number "fair game"? > > Yep, just answered my own question, quoting from /etc/services: > > The latest IANA port assignments can be gotten from > # http://www.iana.org/assignments/port-numbers > # The Well Known Ports are those from 0 through 1023. > # The Registered Ports are those from 1024 through 49151 > # The Dynamic and/or Private Ports are those from 49152 through 65535 > > so as long as we use 49152 and above we're cool.
I guess that would work, though this objection remains: > > The administrator may also not be happy to have an open port facing > > the world, or even just other possibly untrusted users on the same > > machine, assuming you bind to localhost. If the PostgreSQL administrator and the system administrator were always the same person, that would be less of a big deal since the sysadmin would know what's going on (assuming s/he reads the docs). Why not use a different UNIX socket in a directory not accessible to others? That would be more secure. Jon ---------------------------(end of broadcast)--------------------------- TIP 8: explain analyze is your friend
