Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] SSL over Unix-domain sockets

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Date: 2008-01-18 02:17:33
Message-ID: 200801180217.m0I2HXx24806@momjian.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
Alvaro Herrera wrote:
> > I'm not sure tmp cleaners will work that well against a determined spoofer.
> 
> I don't understand.  The tmp cleaner is something we have to _avoid_.
> Let me repeat my proposal.
> 
> I propose to create a dangling symlink on system startup in
> /tmp/.s.PGSQL.<port> to the real socket, which is not on a

I am confused because you say "dangling" then you say "to the real
socket".  You are saying it isn't dangling when the server is running?

> world-writable directory.  This avoids the spoofer, because he cannot
> create the socket -- the symlink is occupying its place.
> 
> The only problem with this proposal is that the tmp cleaner would remove
> the symlink.  The solution to this is to configure the tmp cleaner so
> that it doesn't do that.
> 
> It absolutely requires cooperation from the sysadmin, both to setup the
> symlink initially, and to configure the tmp cleaner.

If you are going to require the admin to modify the tmp cleanup script,
the admin might as well create the symlink at the same time and have it
recreate on boot.  We could actually just document this idea and be done
with it.

-- 
  Bruce Momjian  <bruce(at)momjian(dot)us>        http://momjian.us
  EnterpriseDB                             http://postgres.enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +

In response to

Responses

pgsql-hackers by date

Next:From: Bruce MomjianDate: 2008-01-18 02:21:18
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Previous:From: Tom LaneDate: 2008-01-18 02:16:42
Subject: Re: [HACKERS] SSL over Unix-domain sockets

pgsql-patches by date

Next:From: Bruce MomjianDate: 2008-01-18 02:21:18
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Previous:From: Tom LaneDate: 2008-01-18 02:16:42
Subject: Re: [HACKERS] SSL over Unix-domain sockets

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group