Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: Spoofing as the postmaster
- From: "Marko Kreen" <markokr(at)gmail(dot)com>
- To: "Peter Eisentraut" <peter_e(at)gmx(dot)net>
- Cc: pgsql-hackers(at)postgresql(dot)org, "Bruce Momjian" <bruce(at)momjian(dot)us>, "Tomasz Ostrowski" <tometzky(at)batory(dot)org(dot)pl>
- Subject: Re: Spoofing as the postmaster
- Date: Sat, 22 Dec 2007 21:03:54 +0200
On 12/22/07, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote: > Bruce Momjian wrote: > > The fundamental problem is that because we don't require root, any user's > > postmaster or pretend postmaster is as legitimate as anyone else's. SSL > > certificates add legitimacy checks for TCP, but not for unix domain > > sockets. > > Wouldn't SSL work over Unix-domain sockets as well? The API only deals with > file descriptors. For Unix sockets it should be enough to just check server process uid, no? (FYI - Debian already puts unix socket to directory writable only to postgres user, so they dont have the problem. Maybe we should encourage distros to move away from /tmp?) -- marko
- Follow-Ups:
- Re: Spoofing as the postmaster
- From: Tom Lane
- Re: Spoofing as the postmaster
- References:
- Spoofing as the postmaster
- From: Bruce Momjian
- Re: Spoofing as the postmaster
- From: Peter Eisentraut
- Spoofing as the postmaster
- Prev by Date: Re: Spoofing as the postmaster
- Next by Date: Re: Spoofing as the postmaster
- Previous by thread: Re: Spoofing as the postmaster
- Next by thread: Re: Spoofing as the postmaster
- Indexes: