From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Noah Misch <noah(at)leadboat(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Securing "make check" (CVE-2014-0067) |
Date: | 2014-03-01 18:20:52 |
Message-ID: | CABUevExHwgatnM4Np-ypimatcX7CKiOpzotE8OXy+Topq50FeA@mail.gmail.com |
Lists: | pgsql-hackers |
On Sat, Mar 1, 2014 at 7:09 PM, Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>
> On 03/01/2014 12:29 PM, Tom Lane wrote:
>
>
>> In the case of Unix systems, there is a *far* simpler and more portable
>> solution technique, which is to tell the test postmaster to put its socket
>> in some non-world-accessible directory created by the test scaffolding.
>>
>
>
> +1 - I'm all for KISS.
>
>
>
>> Of course that doesn't work for Windows, which is why we looked at the
>> random-password solution. But I wonder whether we shouldn't use the
>> nonstandard-socket-location approach everywhere else, and only use random
>> passwords on Windows. That would greatly reduce the number of cases to
>> worry about for portability of the password-generation code; and perhaps
>> we could also push the crypto issue into reliance on some Windows-supplied
>> functionality (though I'm just speculating about that part).
>>
>
>
> See for example <http://msdn.microsoft.com/en-us/library/windows/desktop/aa379942%28v=vs.85%29.aspx>
>
For a one-off password used locally only, we could also consider just using
a GUID, and generate it using
http://msdn.microsoft.com/en-us/library/windows/desktop/aa379205(v=vs.85).aspx.
Obviously Windows only though - do we have *any* Unix platforms that can't
do Unix sockets?
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
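
The non-world-accessible socket directory approach quoted above, sketched in C as an added example (not part of this message and not PostgreSQL's own code). The function names, the `sockdemo` directory prefix and the port 65432 in the socket file name are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE 1   /* exposes mkdtemp() on glibc */
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Close the socket, then remove the socket file and the directory. */
void teardown_private(int fd, const char *dir, const char *path)
{
    if (fd >= 0)
        close(fd);
    unlink(path);
    rmdir(dir);
}

/* Listen on a Unix socket inside a new mode-0700 directory; fd or -1. */
int listen_private(char *dir, size_t dirlen, char *path, size_t pathlen)
{
    const char *tmp = getenv("TMPDIR");
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    struct stat st;
    int fd, n = snprintf(dir, dirlen, "%s/sockdemoXXXXXX", tmp ? tmp : "/tmp");
    if (n < 0 || (size_t) n >= dirlen || mkdtemp(dir) == NULL)
        return -1;
    /* Verify instead of assuming: owned by us, no group/other bits set. */
    if (stat(dir, &st) != 0 || st.st_uid != geteuid() || (st.st_mode & 077) != 0)
        return rmdir(dir), -1;
    /* Constructed socket name. sun_path is short: refuse, never truncate. */
    n = snprintf(addr.sun_path, sizeof(addr.sun_path), "%s/.s.PGSQL.65432", dir);
    if (n < 0 || (size_t) n >= sizeof(addr.sun_path) || (size_t) n >= pathlen)
        return rmdir(dir), -1;
    snprintf(path, pathlen, "%s", addr.sun_path);
    fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0 || bind(fd, (struct sockaddr *) &addr, sizeof(addr)) != 0 || listen(fd, 5) != 0)
        return teardown_private(fd, dir, path), -1;
    return fd;
}

int main(void)
{
    char dir[256], path[512];
    int fd = listen_private(dir, sizeof dir, path, sizeof path);
    if (fd < 0)
        return 1;
    printf("listening on %s\n", path);
    teardown_private(fd, dir, path);
    return 0;
}
```

Other local users cannot traverse the 0700 directory, so they cannot connect to the socket whatever the socket file's own mode is. The `sun_path` length check matters because a deep `TMPDIR` can push the full path past the limit.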