Re: Spoofing as the postmaster

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: pgsql-hackers(at)postgresql(dot)org, Bruce Momjian <bruce(at)momjian(dot)us>, Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl>
Subject: Re: Spoofing as the postmaster
Date: 2007-12-22 16:13:05
Message-ID: 200712221713.05809.peter_e@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Andrew Dunstan wrote:
> But we don't check the SSL cert's credentials in the client, AFAIK.

We do if you configure it so. But I must admit that this fact is not well
advertised. It is documented, but you have to look carefully.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Magnus Hagander 2007-12-22 16:15:20 Re: Spoofing as the postmaster
Previous Message Andrew Dunstan 2007-12-22 15:55:06 Re: Spoofing as the postmaster