From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Bruce Momjian <bruce(at)momjian(dot)us> |
Cc: | Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, Mark Mielke <mark(at)mark(dot)mielke(dot)cc> |
Subject: | Re: [HACKERS] SSL over Unix-domain sockets |
Date: | 2008-01-18 02:21:18 |
Message-ID: | 200801180221.m0I2LIM25432@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
Bruce Momjian wrote:
> Alvaro Herrera wrote:
> > > I'm not sure tmp cleaners will work that well against a determined spoofer.
> >
> > I don't understand. The tmp cleaner is something we have to _avoid_.
> > Let me repeat my proposal.
> >
> > I propose to create a dangling symlink on system startup in
> > /tmp/.s.PGSQL.<port> to the real socket, which is not on a
>
> I am confused because you say "dangling" then you say "to the real
> socket". You are saying it isn't dangling when the server is running?
>
> > world-writable directory. This avoids the spoofer, because he cannot
> > create the socket -- the symlink is occupying its place.
> >
> > The only problem with this proposal is that the tmp cleaner would remove
> > the symlink. The solution to this is to configure the tmp cleaner so
> > that it doesn't do that.
> >
> > It absolutely requires cooperation from the sysadmin, both to setup the
> > symlink initially, and to configure the tmp cleaner.
>
> If you are going to require the admin to modify the tmp cleanup script,
> the admin might as well create the symlink at the same time and have it
> recreate on boot. We could actually just document this idea and be done
> with it.
Oh, sorry, I see now you are having the admin create the symlink and
modify the tmp cleaner --- yea, I think we just document this and call
it done.
Do we do anything in the backend for this proposal?
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2008-01-18 02:21:19 | Re: [HACKERS] SSL over Unix-domain sockets |
Previous Message | Bruce Momjian | 2008-01-18 02:17:33 | Re: [HACKERS] SSL over Unix-domain sockets |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2008-01-18 02:21:19 | Re: [HACKERS] SSL over Unix-domain sockets |
Previous Message | Bruce Momjian | 2008-01-18 02:17:33 | Re: [HACKERS] SSL over Unix-domain sockets |