Re: [HACKERS] SSL over Unix-domain sockets

Tom Lane wrote:
> Bruce Momjian <bruce(at)momjian(dot)us> writes:
> > I am confused because you say "dangling" then you say "to the real
> > socket". You are saying it isn't dangling when the server is running?
>
> Exactly. When the server is running it provides a perfectly good path
> to the postmaster. The point (and the main difference from your PIDfile
> proposal) is that it's supposed to be there all the time, even when the
> postmaster isn't running. This is what provides protection against the
> spoofer getting there first.

OK, got it.

> > If you are going to require the admin to modify the tmp cleanup script,
> > the admin might as well create the symlink at the same time and have it
> > recreate on boot.
>
> No, that's not the same, because it doesn't provide protection against
> the symlink getting deleted later on.

Right, so you have to modify the tmp cleaner and create the symlink, right?

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +