Re: [HACKERS] SSL over Unix-domain sockets

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Date: 2008-01-18 02:21:19
Message-ID: 19369.1200622879@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers pgsql-patches

Bruce Momjian <bruce(at)momjian(dot)us> writes:
> I am confused because you say "dangling" then you say "to the real
> socket". You are saying it isn't dangling when the server is running?

Exactly. When the server is running it provides a perfectly good path
to the postmaster. The point (and the main difference from your PIDfile
proposal) is that it's supposed to be there all the time, even when the
postmaster isn't running. This is what provides protection against the
spoofer getting there first.

> If you are going to require the admin to modify the tmp cleanup script,
> the admin might as well create the symlink at the same time and have it
> recreate on boot.

No, that's not the same, because it doesn't provide protection against
the symlink getting deleted later on.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 2008-01-18 02:24:26 Re: [HACKERS] SSL over Unix-domain sockets
Previous Message Bruce Momjian 2008-01-18 02:21:18 Re: [HACKERS] SSL over Unix-domain sockets

Browse pgsql-patches by date

  From Date Subject
Next Message Bruce Momjian 2008-01-18 02:24:26 Re: [HACKERS] SSL over Unix-domain sockets
Previous Message Bruce Momjian 2008-01-18 02:21:18 Re: [HACKERS] SSL over Unix-domain sockets