Quick Links

Re: [HACKERS] SSL over Unix-domain sockets

From:	Alvaro Herrera <alvherre(at)commandprompt(dot)com>
To:	Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
Subject:	Re: [HACKERS] SSL over Unix-domain sockets
Date:	2008-01-18 01:50:40
Message-ID:	20080118015040.GS17828@alvh.no-ip.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers pgsql-patches

Andrew Dunstan wrote:
>
>
> Alvaro Herrera wrote:
>> Andrew Dunstan wrote:
>>
>>
>>> I agree. I remain of the opinion that this is not a problem than can be
>>> solved purely within the bounds of postgres.
>>
>> I agree. Please comment on my proposed solution.
>
> I'm not sure tmp cleaners will work that well against a determined spoofer.

I don't understand. The tmp cleaner is something we have to _avoid_.
Let me repeat my proposal.

I propose to create a dangling symlink on system startup in
/tmp/.s.PGSQL.<port> to the real socket, which is not on a
world-writable directory. This avoids the spoofer, because he cannot
create the socket -- the symlink is occupying its place.

The only problem with this proposal is that the tmp cleaner would remove
the symlink. The solution to this is to configure the tmp cleaner so
that it doesn't do that.

It absolutely requires cooperation from the sysadmin, both to setup the
symlink initially, and to configure the tmp cleaner.

--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.

In response to

Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-18 01:37:23 from Andrew Dunstan

Responses

Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-18 02:16:42 from Tom Lane
Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-18 02:17:33 from Bruce Momjian
Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-18 02:42:05 from Andrew Dunstan
Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-18 10:38:23 from Peter Eisentraut

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2008-01-18 02:16:42	Re: [HACKERS] SSL over Unix-domain sockets
Previous Message	Andrew Dunstan	2008-01-18 01:37:23	Re: [HACKERS] SSL over Unix-domain sockets

Browse pgsql-patches by date

	From	Date	Subject
Next Message	Tom Lane	2008-01-18 02:16:42	Re: [HACKERS] SSL over Unix-domain sockets
Previous Message	Andrew Dunstan	2008-01-18 01:37:23	Re: [HACKERS] SSL over Unix-domain sockets