Skip site navigation (1) Skip section navigation (2)

Re: Spoofing as the postmaster

From: "D'Arcy J(dot)M(dot) Cain" <darcy(at)druid(dot)net>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Andrew Sullivan <ajs(at)crankycanuck(dot)ca>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Spoofing as the postmaster
Date: 2007-12-29 15:59:20
Message-ID: 20071229105920.e6c7cd8c.darcy@druid.net (view raw or flat)
Thread:
Lists: pgsql-hackers
On Sat, 29 Dec 2007 10:38:13 -0500
Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
> 
> 
> D'Arcy J.M. Cain wrote:
> >  - 1:  How does the client assure that the postmaster is legit
> >  - 2:  How does the postmaster assure that the client is legit
> 
> And neither answers the original problem:

Which seems to have been lost in the noise.

> 3. How can the sysadmin prevent a malicious local user from hijacking 
> the sockets if the postmaster isn't running?

A better way of stating it for sure.

> Prevention is much more valuable than ex post detection, IMNSHO.
> 
> Probably the first answer is not to run postgres on a machine with 
> untrusted users, but that's not always possible. Maybe we can't find a 
> simple cross-platform answer, but that doesn't mean we should not look 
> at platform-specific answers, at least for documentation.

Yes, that's what I said at the start of this discussion.  If you don't
trust the users with actual access to the box, the rest of this is
pretty much academic.

-- 
D'Arcy J.M. Cain <darcy(at)druid(dot)net>         |  Democracy is three wolves
http://www.druid.net/darcy/                |  and a sheep voting on
+1 416 425 1212     (DoD#0082)    (eNTP)   |  what's for dinner.

In response to

Responses

pgsql-hackers by date

Next:From: Stephen FrostDate: 2007-12-29 16:37:41
Subject: Re: Spoofing as the postmaster
Previous:From: Andrew DunstanDate: 2007-12-29 15:38:13
Subject: Re: Spoofing as the postmaster

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group