| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Gregory Stark <stark(at)enterprisedb(dot)com>, Marko Kreen <markokr(at)gmail(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl> |
| Subject: | Re: Spoofing as the postmaster |
| Date: | 2007-12-30 00:43:21 |
| Message-ID: | 200712300043.lBU0hLj27488@momjian.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> This is basically the same old mutual authentication problem that SSL
> was designed to solve by using certificates. I don't think we have
> either the need or the expertise to re-invent that wheel.
>
> ISTM we have these action items:
>
> 1. Improve the code so that SSL authentication can be used across a
> Unix-socket connection ...
Added to TODO:
* Allow SSL authentication/encryption over unix domain sockets
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Warren Turkal | 2007-12-30 08:40:23 | question about timestamp |
| Previous Message | Greg Smith | 2007-12-29 23:55:04 | Re: Spoofing as the postmaster |