On Fri, Aug 31, 2007 at 12:37:16PM -0400, Andrew Dunstan wrote:
>
>
> Decibel! wrote:
> >Is there something insecure about using ident sameuser for localhost
> >authentication on Windows?
> >
>
> FWIW, I never advise people to use ident auth for postgres except on
> local (a.k.a. Unix domain socket) connections, which don't exist on Windows.

Is it easy to spoof where an incoming connection request is coming from?
Is there something else that makes ident on 127.0.0.1/32 insecure?
--
Decibel!, aka Jim Nasby decibel@decibel.org
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.3 (FreeBSD)

iD8DBQFG2FAadO30qud8SkgRAt4oAKDOQL7jzEPB9vIeKvgPkl f/zPEL9wCg1O9d
xSX/OwrsXnYGefDhy6cEAcM=
=5+h7
-----END PGP SIGNATURE-----