| From: | Melvin Davidson <melvin6925(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | oleg yusim <olegyusim(at)gmail(dot)com>, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Session Identifiers |
| Date: | 2015-12-20 17:33:00 |
| Message-ID: | CANu8FixFnB9bxwFBCqK5Pi2Ag_=UJ0z5vHvATA1U2RwjWqghPA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Actually, I'm not an expert on the tcp_keepalives, but I believe the
tcp_keepalives_count
should be 1, otherwise it will take 45 minutes minutes to timeout. Then
again, I could be wrong.
On Sun, Dec 20, 2015 at 12:28 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> oleg yusim <olegyusim(at)gmail(dot)com> writes:
> > Got it, thanks... Now, is it any protection in place currently against
> > replacing Session ID (my understanding, it is kept in memory, belonging
> to
> > the session process) or against guessing Session ID (i.e. is Session ID
> > generated using FIPS 140-2 compliant algorithms, or anything of that
> sort)?
>
> I don't think Postgres even has any concept that matches what you seem
> to think a Session ID is.
>
> If you're looking for communication security/integrity checking, that's
> something we leave to other software such as SSL.
>
> regards, tom lane
>
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
--
*Melvin Davidson*
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | oleg yusim | 2015-12-20 17:37:35 | Re: Session Identifiers |
| Previous Message | Tom Lane | 2015-12-20 17:28:09 | Re: Session Identifiers |