Re: [HACKERS] SSL over Unix-domain sockets

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
Subject: Re: [HACKERS] SSL over Unix-domain sockets
Date: 2008-01-18 02:17:33
Message-ID: 200801180217.m0I2HXx24806@momjian.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers pgsql-patches

Alvaro Herrera wrote:
> > I'm not sure tmp cleaners will work that well against a determined spoofer.
>
> I don't understand. The tmp cleaner is something we have to _avoid_.
> Let me repeat my proposal.
>
> I propose to create a dangling symlink on system startup in
> /tmp/.s.PGSQL.<port> to the real socket, which is not on a

I am confused because you say "dangling" then you say "to the real
socket". You are saying it isn't dangling when the server is running?

> world-writable directory. This avoids the spoofer, because he cannot
> create the socket -- the symlink is occupying its place.
>
> The only problem with this proposal is that the tmp cleaner would remove
> the symlink. The solution to this is to configure the tmp cleaner so
> that it doesn't do that.
>
> It absolutely requires cooperation from the sysadmin, both to setup the
> symlink initially, and to configure the tmp cleaner.

If you are going to require the admin to modify the tmp cleanup script,
the admin might as well create the symlink at the same time and have it
recreate on boot. We could actually just document this idea and be done
with it.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 2008-01-18 02:21:18 Re: [HACKERS] SSL over Unix-domain sockets
Previous Message Tom Lane 2008-01-18 02:16:42 Re: [HACKERS] SSL over Unix-domain sockets

Browse pgsql-patches by date

  From Date Subject
Next Message Bruce Momjian 2008-01-18 02:21:18 Re: [HACKERS] SSL over Unix-domain sockets
Previous Message Tom Lane 2008-01-18 02:16:42 Re: [HACKERS] SSL over Unix-domain sockets