|
1 | | -<!-- $PostgreSQL: pgsql/doc/src/sgml/config.sgml,v 1.229 2009/09/22 23:43:37 tgl Exp $ --> |
| 1 | +<!-- $PostgreSQL: pgsql/doc/src/sgml/config.sgml,v 1.230 2009/10/03 23:10:47 momjian Exp $ --> |
2 | 2 |
|
3 | 3 | <chapter Id="runtime-config"> |
4 | 4 | <title>Server Configuration</title> |
@@ -329,8 +329,14 @@ SET ENABLE_SEQSCAN TO OFF; |
329 | 329 | at all, in which case only Unix-domain sockets can be used to connect |
330 | 330 | to it. |
331 | 331 | The default value is <systemitem class="systemname">localhost</>, |
332 | | - which allows only local <quote>loopback</> connections to be made. |
333 | | - This parameter can only be set at server start. |
| 332 | + which allows only local <quote>loopback</> connections to be |
| 333 | + made. While client authentication (<xref |
| 334 | + linkend="client-authentication">) allows fine-grained control |
| 335 | + over who can access the server, <varname>listen_addresses</varname> |
| 336 | + controls which interfaces accept connection attempts, which |
| 337 | + can help prevent repeated malicious connection requests on |
| 338 | + insecure network interfaces. This parameter can only be set |
| 339 | + at server start. |
334 | 340 | </para> |
335 | 341 | </listitem> |
336 | 342 | </varlistentry> |
|