| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Gregory Stark <stark(at)enterprisedb(dot)com>, Marko Kreen <markokr(at)gmail(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl> |
| Subject: | Re: Spoofing as the postmaster |
| Date: | 2007-12-25 04:03:45 |
| Message-ID: | 200712250403.lBP43jr05750@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> 2. Improve our documentation about how to set up mutual authentication
> under SSL (it's a bit scattered now).
>
> 3. Recommend using mutual auth even for local connections, if a server
> containing sensitive data is to be run on a machine that also hosts
> untrusted users.
>
> As somebody noted, it's probably even better policy to not have any
> sensitive data on a machine that hosts untrusted users, and it wouldn't
> hurt for the docs to point that out; but we should have a documented
> solution available if you have to do it.
I have added the section about preventing server spoofing and updated the SSL
documentation to be more logical and clearer about certificates.
The major updated sections are:
http://momjian.us/tmp/pgsql/preventing-server-spoofing.html
http://momjian.us/tmp/pgsql/ssl-tcp.html
http://momjian.us/tmp/pgsql/libpq-ssl.html
I have to say I didn't understand the certificate stuff before, but I
think it should be clearer now to anyone who reads it.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2007-12-25 06:16:10 | Re: Spoofing as the postmaster |
| Previous Message | Decibel! | 2007-12-24 20:27:24 | Re: Spoofing as the postmaster |