From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: SSL over Unix-domain sockets
Date: 2008-01-04 19:09:59
Message-ID: 20817.1199473799@sss.pgh.pa.us
Lists: pgsql-hackers, pgsql-patches
Bruce Momjian <bruce(at)momjian(dot)us> writes:
> Yes, it would plug the hole without fully implementing SSL control on
> local sockets. However, the hole is already plugged by using directory
> permissions so I question the need for a partial solution at this point
> in 8.3.

As already noted, "fix /tmp's directory permissions" isn't a very
helpful suggestion.

> At this point in 8.3 I think we have to ask if we would make such a
> change in a minor release, and I don't think we would.
> It depends on whether you call it a new feature or a bug fix.
> If it is a bug fix, wouldn't we also back-patch it?

Given the smallness of Peter's patch, I don't think that treating
it as a bug fix is unreasonable, if that (and the docs) are all we
change. Now adding "localssl" etc to pg_hba.conf's options seems
more like a new feature, and that I think should wait for 8.4.

One question is whether patching this without adding localssl
(and therefore, without providing a way for the DBA to enforce
SSL use) is actually very helpful. You could be secure but you'd
be depending on the client side to get it right. OTOH that's true
anyway if we have no way to enforce that the client verify the
postmaster's certificate.

regards, tom lane
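The point Tom makes above is that a local client is only as safe as its own check of who it is talking to: a socket file under a world-writable /tmp can be claimed by any local user, and without SSL over the Unix-domain socket nothing in libpq tells the client whether the process at the other end is the postmaster. The following is an added illustration, not code from this thread or from PostgreSQL, of the kind of client-side identity check that exists on a Unix-domain socket independently of SSL: asking the kernel for the peer's credentials (Linux SO_PEERCRED; the BSD analogue is getpeereid) and refusing to talk to a peer whose uid is not the one the server is expected to run as. The expected uid, the helper names and the use of socketpair() in place of a real connect() to a socket path are all assumptions made for the example.

```python
import os
import socket
import struct

# Linux `struct ucred` is three 32-bit ints: pid, uid, gid.  Assumption: we
# are on Linux, where SO_PEERCRED is available on AF_UNIX stream sockets.
_UCRED_FMT = "3i"


def peer_credentials(sock):
    """Return (pid, uid, gid) of the process on the other end of a connected
    AF_UNIX socket, as reported by the kernel via SO_PEERCRED."""
    raw = sock.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize(_UCRED_FMT))
    return struct.unpack(_UCRED_FMT, raw)


def verify_server_owner(sock, expected_uid):
    """Client-side check: is the peer running as the uid we expect the
    server to run as?  Returns True/False; the caller should close the
    socket and refuse to send credentials when this is False."""
    _pid, uid, _gid = peer_credentials(sock)
    return uid == expected_uid


def current_identity():
    """(pid, uid, gid) of this process, for comparison in the demo."""
    return (os.getpid(), os.getuid(), os.getgid())


def socketpair_peer_credentials():
    """Constructed stand-in for connect()ing to a socket file: both ends of
    a socketpair belong to this process, so the peer is ourselves."""
    server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        return peer_credentials(client)
    finally:
        server.close()
        client.close()


def demo():
    """Run the check once against the right uid and once against a wrong
    one (hypothetical 'postgres' uid = our own uid + 1).  Returns
    (accepted_with_correct_uid, accepted_with_wrong_uid)."""
    server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        ok = verify_server_owner(client, os.getuid())
        # Simulates a socket squatted by a user other than the server owner.
        squatted = verify_server_owner(client, os.getuid() + 1)
    finally:
        server.close()
        client.close()
    return ok, squatted


if __name__ == "__main__":
    accepted, accepted_squatted = demo()
    print("peer uid matches expected owner:", accepted)
    print("squatted socket accepted:", accepted_squatted)
```

The check happens before any password or other credential is written to the socket, which is what makes it meaningful: a squatting process that can read the client's authentication exchange has already won. Note that this verifies the peer's uid, not a certificate, so it is a different technique from the SSL-over-local-sockets approach the thread discusses; it also says nothing about enforcing SSL from the DBA's side, which is the "localssl" gap Tom describes.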