Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: Spoofing as the postmaster
- From: Andrew Dunstan <andrew(at)dunslane(dot)net>
- To: Peter Eisentraut <peter_e(at)gmx(dot)net>
- Cc: pgsql-hackers(at)postgresql(dot)org, Bruce Momjian <bruce(at)momjian(dot)us>, Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl>
- Subject: Re: Spoofing as the postmaster
- Date: Sat, 22 Dec 2007 10:55:06 -0500
Peter Eisentraut wrote:
Bruce Momjian wrote:The fundamental problem is that because we don't require root, any user's postmaster or pretend postmaster is as legitimate as anyone else's. SSL certificates add legitimacy checks for TCP, but not for unix domain sockets.Wouldn't SSL work over Unix-domain sockets as well? The API only deals with file descriptors.
But we don't check the SSL cert's credentials in the client, AFAIK. That means that postmaster spoofer could just as easily spoof SSL. Communications between the client and the endpoint will be protected, but there is no protection from a man in the middle attack, which is what this is.
cheers andrew
- Follow-Ups:
- Re: Spoofing as the postmaster
- From: Magnus Hagander
- Re: Spoofing as the postmaster
- From: Peter Eisentraut
- Re: Spoofing as the postmaster
- References:
- Spoofing as the postmaster
- From: Bruce Momjian
- Re: Spoofing as the postmaster
- From: Peter Eisentraut
- Spoofing as the postmaster
- Prev by Date: Re: Spoofing as the postmaster
- Next by Date: Re: Spoofing as the postmaster
- Previous by thread: Re: Spoofing as the postmaster
- Next by thread: Re: Spoofing as the postmaster
- Indexes: