On Sat, 22 Dec 2007 09:25:05 -0500 (EST)
Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> I think at a minimum we need to add documentation that states if you
> don't trust the local users on the postmaster server you should:
> o create unix domain socket files in a non-world-writable
> o require SSL server certificates for TCP connections
It's generally a bad idea to put your database on a public server
anyway but if you do you should definitely disable unix domain sockets
and connect over TCP to localhost. That has been our rule for years.
It's certainly a corner case. I would think that warnings, perhaps in
the config file itself, would be sufficient.
D'Arcy J.M. Cain <darcy(at)druid(dot)net> | Democracy is three wolves
http://www.druid.net/darcy/ | and a sheep voting on
+1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.
In response to
pgsql-hackers by date
|Next:||From: Peter Eisentraut||Date: 2007-12-22 15:44:16|
|Subject: Re: Spoofing as the postmaster|
|Previous:||From: Andrew Chernow||Date: 2007-12-22 14:40:15|
|Subject: Re: timetz range check issue|