Quick Links

Re: [HACKERS] SSL over Unix-domain sockets

From:	Bruce Momjian <bruce(at)momjian(dot)us>
To:	Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc:	PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
Subject:	Re: [HACKERS] SSL over Unix-domain sockets
Date:	2008-01-17 16:10:47
Message-ID:	200801171610.m0HGAlZ25049@momjian.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers pgsql-patches

Peter Eisentraut wrote:
> Bruce Momjian wrote:
> > I have written the following documentation addition suggesting the use
> > of external_pid_file.
>
> How does that prevent spoofing?

It creates a lock file that is the same name as the socket file that a
default-configured client would use, so it prevents a spoofed socket
from being created.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +

In response to

Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-17 08:10:52 from Peter Eisentraut

Responses

Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-17 16:31:40 from Tom Lane
Re: [HACKERS] SSL over Unix-domain sockets at 2008-01-18 10:22:41 from Peter Eisentraut

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andrew Dunstan	2008-01-17 16:11:42	Re: proposal for 8.4: PL/pgSQL - statement CASE
Previous Message	Joshua D. Drake	2008-01-17 16:06:12	Re: proposal for 8.4: PL/pgSQL - statement CASE

Browse pgsql-patches by date

	From	Date	Subject
Next Message	Tom Lane	2008-01-17 16:31:40	Re: [HACKERS] SSL over Unix-domain sockets
Previous Message	Stephen Frost	2008-01-17 14:37:29	Re: [ADMIN] postgresql in FreeBSD jails: proposal