Re: Spoofing as the postmaster

Bruce Momjian wrote:
> Tom Lane wrote:
> > 2. Improve our documentation about how to set up mutual authentication
> > under SSL (it's a bit scattered now).
> >
> > 3. Recommend using mutual auth even for local connections, if a server
> > containing sensitive data is to be run on a machine that also hosts
> > untrusted users.
> >
> > As somebody noted, it's probably even better policy to not have any
> > sensitive data on a machine that hosts untrusted users, and it wouldn't
> > hurt for the docs to point that out; but we should have a documented
> > solution available if you have to do it.
>
> I have added the section about preventing server spoofing and updated the SSL
> documentation to be more logical and clearer about certificates.
>
> The major updated sections are:
>
> http://momjian.us/tmp/pgsql/preventing-server-spoofing.html
> http://momjian.us/tmp/pgsql/ssl-tcp.html
> http://momjian.us/tmp/pgsql/libpq-ssl.html
>
> I have to say I didn't understand the certificate stuff before, but I
> think it should be clearer now to anyone who reads it.

I have just added two documentation tables outlining SSL file usage for
client and server.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +