Re: BUG #4340: SECURITY: Is SSL Doing Anything?

From: Andrew Sullivan <ajs(at)commandprompt(dot)com>
To: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #4340: SECURITY: Is SSL Doing Anything?
Date: 2008-08-19 19:52:07
Message-ID: 20080819195207.GT9771@commandprompt.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

On Tue, Aug 19, 2008 at 02:57:55PM -0400, Tom Lane wrote:
> To impose such a requirement, we'd have to forbid naming the server
> by IP address or via a domain-search-path abbreviation.

If you ask me, the second idea at least is a good one anyway. In an
SSL context, search paths are a terrible idea. (Frankly, they're a
terrible idea outside that context also, but that ship sailed some
time ago.)

A

--
Andrew Sullivan
ajs(at)commandprompt(dot)com
+1 503 667 4564 x104
http://www.commandprompt.com/

In response to

Browse pgsql-bugs by date

  From Date Subject
Next Message Dan Kaminsky 2008-08-19 19:59:23 Re: BUG #4340: SECURITY: Is SSL Doing Anything?
Previous Message Magnus Hagander 2008-08-19 19:48:13 Re: BUG #4340: SECURITY: Is SSL Doing Anything?