Re: Spoofing as the postmaster

From: Andrew Dunstan <andrew(at)dunslane(dot)net>
To: "D'Arcy J(dot)M(dot) Cain" <darcy(at)druid(dot)net>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Andrew Sullivan <ajs(at)crankycanuck(dot)ca>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Spoofing as the postmaster
Date: 2007-12-29 15:38:13
Message-ID: 477669E5.9050505@dunslane.net
Lists: pgsql-hackers

D'Arcy J.M. Cain wrote:
>  - 1:  How does the client assure that the postmaster is legit
>  - 2:  How does the postmaster assure that the client is legit

And neither answers the original problem:

3. How can the sysadmin prevent a malicious local user from hijacking 
the sockets if the postmaster isn't running?

Prevention is much more valuable than ex post detection, IMNSHO.

Probably the first answer is not to run postgres on a machine with 
untrusted users, but that's not always possible. Maybe we can't find a 
simple cross-platform answer, but that doesn't mean we should not look 
at platform-specific answers, at least for documentation.

cheers

andrew
