| From: | "D'Arcy J(dot)M(dot) Cain" <darcy(at)druid(dot)net> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
| Subject: | Re: Spoofing as the postmaster |
| Date: | 2007-12-22 15:04:19 |
| Message-ID: | 20071222100419.721d9827.darcy@druid.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, 22 Dec 2007 09:25:05 -0500 (EST)
Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> I think at a minimum we need to add documentation that states if you
> don't trust the local users on the postmaster server you should:
>
> o create unix domain socket files in a non-world-writable
> directory
> o require SSL server certificates for TCP connections
>
> Ideas?
It's generally a bad idea to put your database on a public server
anyway but if you do you should definitely disable unix domain sockets
and connect over TCP to localhost. That has been our rule for years.
It's certainly a corner case. I would think that warnings, perhaps in
the config file itself, would be sufficient.
--
D'Arcy J.M. Cain <darcy(at)druid(dot)net> | Democracy is three wolves
http://www.druid.net/darcy/ | and a sheep voting on
+1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2007-12-22 15:44:16 | Re: Spoofing as the postmaster |
| Previous Message | Andrew Chernow | 2007-12-22 14:40:15 | Re: timetz range check issue |