> > Tatsuo Ishii wrote: > >> Is there any security risk if we enable tcpip_socket by default? We > >> restrict connection from localhost only by default so I think enabling > >> tcpip_socket adds no security risk. Please correct me if I am wrong. > > Bruce Momjian wrote: > > Right, and 7.5 will ship with tcp and localhost enabled. > > If the default will be to listen on all interfaces, not just 127.0.0.1, > then this IS a security risk. And if that's not the plan, what good does > this change do? Any "real" use of tcp would still require a > configuration > change anyway.
Consider a program using JDBC on localhost. It can only reach to PostgreSQL via TCP/IP. -- Tatsuo Ishii ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]