| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Trevor Talbot <quension(at)gmail(dot)com> |
| Cc: | Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl>, Magnus Hagander <magnus(at)hagander(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Bruce Momjian <bruce(at)momjian(dot)us>, Brendan Jurd <direvus(at)gmail(dot)com> |
| Subject: | Re: Spoofing as the postmaster |
| Date: | 2007-12-24 00:59:32 |
| Message-ID: | 20071224005932.GH5031@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Trevor Talbot (quension(at)gmail(dot)com) wrote:
> There are various platform-specific security features that might be
> useful, like reserved port ranges and file permissions, but they are
> so specific to the scenario they're designed for that it's hard to
> create a generic solution that works well by default -- especially if
> you want to run without requiring administrative privileges in the
> first place.
Agreed. A guarentee that the process listening on a particular port is
what you're expecting isn't something that upstream can give. It needs
to be done through some situation-specific mechanism. There are a
number of options here, of course: SSL, Kerberos, SELinux, even things
like the tiger IDS. Reserved ports really aren't all that great a
solution in the end anyway, to be honest.
Enjoy,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Mielke | 2007-12-24 03:57:40 | Re: Spoofing as the postmaster |
| Previous Message | Tomasz Ostrowski | 2007-12-23 23:04:16 | Re: Spoofing as the postmaster |