Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] SSL over Unix-domain sockets

From: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Date: 2008-01-18 01:50:40
Message-ID: 20080118015040.GS17828@alvh.no-ip.org (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
Andrew Dunstan wrote:
>
>
> Alvaro Herrera wrote:
>> Andrew Dunstan wrote:
>>
>>   
>>> I agree. I remain of the opinion that this is not a problem than can be 
>>> solved purely within the bounds of postgres.
>>
>> I agree.  Please comment on my proposed solution.
>
> I'm not sure tmp cleaners will work that well against a determined spoofer.

I don't understand.  The tmp cleaner is something we have to _avoid_.
Let me repeat my proposal.

I propose to create a dangling symlink on system startup in
/tmp/.s.PGSQL.<port> to the real socket, which is not on a
world-writable directory.  This avoids the spoofer, because he cannot
create the socket -- the symlink is occupying its place.

The only problem with this proposal is that the tmp cleaner would remove
the symlink.  The solution to this is to configure the tmp cleaner so
that it doesn't do that.

It absolutely requires cooperation from the sysadmin, both to setup the
symlink initially, and to configure the tmp cleaner.

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.

In response to

Responses

pgsql-hackers by date

Next:From: Tom LaneDate: 2008-01-18 02:16:42
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Previous:From: Andrew DunstanDate: 2008-01-18 01:37:23
Subject: Re: [HACKERS] SSL over Unix-domain sockets

pgsql-patches by date

Next:From: Tom LaneDate: 2008-01-18 02:16:42
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Previous:From: Andrew DunstanDate: 2008-01-18 01:37:23
Subject: Re: [HACKERS] SSL over Unix-domain sockets

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group