Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] SSL over Unix-domain sockets

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Date: 2008-01-18 02:21:19
Message-ID: 19369.1200622879@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
Bruce Momjian <bruce(at)momjian(dot)us> writes:
> I am confused because you say "dangling" then you say "to the real
> socket".  You are saying it isn't dangling when the server is running?

Exactly.  When the server is running it provides a perfectly good path
to the postmaster.  The point (and the main difference from your PIDfile
proposal) is that it's supposed to be there all the time, even when the
postmaster isn't running.  This is what provides protection against the
spoofer getting there first.

> If you are going to require the admin to modify the tmp cleanup script,
> the admin might as well create the symlink at the same time and have it
> recreate on boot.

No, that's not the same, because it doesn't provide protection against
the symlink getting deleted later on.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Bruce MomjianDate: 2008-01-18 02:24:26
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Previous:From: Bruce MomjianDate: 2008-01-18 02:21:18
Subject: Re: [HACKERS] SSL over Unix-domain sockets

pgsql-patches by date

Next:From: Bruce MomjianDate: 2008-01-18 02:24:26
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Previous:From: Bruce MomjianDate: 2008-01-18 02:21:18
Subject: Re: [HACKERS] SSL over Unix-domain sockets

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group