
Re: SSL (patch 3)

From: Bear Giles <bgiles(at)coyotesong(dot)com>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: Bear Giles <bgiles(at)coyotesong(dot)com>, pgsql-patches(at)postgresql(dot)org
Subject: Re: SSL (patch 3)
Date: 2002-05-27 21:58:22
Lists: pgsql-patches

> Bear Giles writes:
> > Third patch - adds client verification of server certificate.
> > This has some POSIX-isms that need to be expanded for Windows
> > and Mac clients, and identifies (but does not fix) a problem
> > on the backend that could be used for "denial of service"
> > attacks on the current backend.
> What happens if I don't want to use this feature

Use SSH tunnels.  The code is written with the presumption that
anyone using SSL wants a secure session, and that includes 
confidentiality, message integrity and endpoint authentication.
If they just want confidentiality, SSH tunnels are a lot easier
to set up.

> and/or I don't have the certificates set up?

If they want secure sessions, they'll invest the time in setting
up the certificates.

> Why are errors from getpwuid() thrown away, isn't
> that a risk?

My code keeps going back and forth on that.  There's a lot less
risk than usual because the argument is from getuid(), not something
like a file ownership which can contain an arbitrary number.

Then again, it's possible for root to setuid() to a number that
doesn't have an /etc/passwd entry so there's a remote risk of

> Please use MAXPGPATH to size buffers for file names.

Legacy code again.

> What exactly is the "problem" you identify?  I couldn't make it out.

If the SSL negotiations don't complete for any reason, the server
hiccups.  This would tend to annoy other users who see their connections
drop, especially if some jerk is running a program that retries to
establish a connection every 10 seconds or so.
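
An added example, not part of the original message or of the patch under discussion: one way to handle the two review points above, checking the result of getpwuid() for a uid with no passwd entry and sizing the file-name buffer with MAXPGPATH. MAXPGPATH is defined locally as a stand-in so the block compiles alone; `EXAMPLE_SUFFIX` and both function names are hypothetical.

```c
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifndef MAXPGPATH
#define MAXPGPATH 1024          /* stand-in so the block compiles alone */
#endif
/* Hypothetical per-user file name: a placeholder, not from the patch. */
#define EXAMPLE_SUFFIX "/.example-ssl/root.crt"

/* Returns 0 on success, -1 for a missing/unusable entry, -2 if buf is too small. */
int cert_path_from_passwd(const struct passwd *pw, char *buf, size_t buflen)
{
    int n;

    if (pw == NULL || pw->pw_dir == NULL || pw->pw_dir[0] != '/')
        return -1;              /* no entry, or home is not an absolute path */
    n = snprintf(buf, buflen, "%s%s", pw->pw_dir, EXAMPLE_SUFFIX);
    if (n < 0 || (size_t) n >= buflen)
        return -2;              /* would truncate: refuse the cut-off path */
    return 0;
}

/* Look up the calling user; a uid with no passwd entry makes getpwuid() return NULL. */
int current_user_cert_path(char *buf, size_t buflen)
{
    struct passwd *pw;

    errno = 0;                  /* lets us tell "not found" from a lookup error */
    pw = getpwuid(getuid());
    if (pw == NULL)
        fprintf(stderr, "no passwd entry for uid %ld: %s\n", (long) getuid(),
                errno ? strerror(errno) : "not found");
    return cert_path_from_passwd(pw, buf, buflen);
}

int main(void)
{
    char path[MAXPGPATH];

    if (current_user_cert_path(path, sizeof(path)) != 0)
        return 1;               /* fail closed: do not guess a location */
    printf("%s\n", path);
    return 0;
}
```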

