From: | "Kevin Grittner" <Kevin(dot)Grittner(at)wicourts(dot)gov> |
---|---|
To: | "Bruce Momjian" <bruce(at)momjian(dot)us>,"Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "Peter Eisentraut" <peter_e(at)gmx(dot)net>, "Mark Mielke" <mark(at)mark(dot)mielke(dot)cc>, <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: SSL over Unix-domain sockets |
Date: | 2008-01-15 16:58:20 |
Message-ID: | 478C91CC.EE98.0025.0@wicourts.gov |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
>>> On Mon, Jan 14, 2008 at 9:33 PM, in message <11967(dot)1200368008(at)sss(dot)pgh(dot)pa(dot)us>,
Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Yeah, all of this is about confusion and error-proneness. I still think
> that the real problem is that we don't have full control over
> client-side code, and therefore can't just write off the problem of a
> client deciding to connect to /tmp/.s.PGSQL.5432 even if the local DBA
> thinks the socket would be safer elsewhere.
The local DBA may have sufficient control over client-side code.
There probably are use cases where using a secure directory isn't a
complete solution; but for us, the spoofing in /tmp is a real risk
and using a secure directory solves the problem just fine.
Are we sure there really are users who need the other options?
-Kevin
From | Date | Subject | |
---|---|---|---|
Next Message | Markus Schiltknecht | 2008-01-15 16:59:37 | Re: Declarative partitioning grammar |
Previous Message | Markus Schiltknecht | 2008-01-15 16:54:18 | Re: Declarative partitioning grammar |
From | Date | Subject | |
---|---|---|---|
Next Message | Greg Smith | 2008-01-15 20:14:56 | Re: SSL over Unix-domain sockets |
Previous Message | Jonah H. Harris | 2008-01-15 16:58:08 | Re: Revised xml memory allocation patch |