From: | oleg yusim <olegyusim(at)gmail(dot)com> |
---|---|
To: | Melvin Davidson <melvin6925(at)gmail(dot)com> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Session Identifiers |
Date: | 2015-12-20 17:38:13 |
Message-ID: | CAKd4e_HKj8HSfeuk8anfVn4baYQYw9nf4DSBHfE6baeQqq3QBQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Thanks Melvin,
Let me experiment with it for a bit. I will let you know results.
Oleg
On Sun, Dec 20, 2015 at 11:33 AM, Melvin Davidson <melvin6925(at)gmail(dot)com>
wrote:
> Actually, I'm not an expert on the tcp_keepalives, but I believe the tcp_keepalives_count
> should be 1, otherwise it will take 45 minutes minutes to timeout. Then
> again, I could be wrong.
>
> On Sun, Dec 20, 2015 at 12:28 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
>> oleg yusim <olegyusim(at)gmail(dot)com> writes:
>> > Got it, thanks... Now, is it any protection in place currently against
>> > replacing Session ID (my understanding, it is kept in memory, belonging
>> to
>> > the session process) or against guessing Session ID (i.e. is Session ID
>> > generated using FIPS 140-2 compliant algorithms, or anything of that
>> sort)?
>>
>> I don't think Postgres even has any concept that matches what you seem
>> to think a Session ID is.
>>
>> If you're looking for communication security/integrity checking, that's
>> something we leave to other software such as SSL.
>>
>> regards, tom lane
>>
>>
>> --
>> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgsql-general
>>
>
>
>
> --
> *Melvin Davidson*
> I reserve the right to fantasize. Whether or not you
> wish to share my fantasy is entirely up to you.
>
From | Date | Subject | |
---|---|---|---|
Next Message | Pavel Stehule | 2015-12-20 17:40:41 | Re: Session Identifiers |
Previous Message | oleg yusim | 2015-12-20 17:37:35 | Re: Session Identifiers |