Bruce Momjian <maillist@candle.pha.pa.us> writes:
>> However, if they are already snooping, how much harder
>> is it for them to insert their own query into the tcp stream?
> Can someone answer this for me?
Well, that depends entirely on what your threat model is --- for
example, someone with read access on /dev/kmem on a relay machine
might be able to watch packets going by, yet not be able to inject
more. On the other hand, someone with root privileges on another
machine on your local LAN could likely do both.
My guess is that most of the plausible cases that allow one also
allow the other. But it's only a guess.
regards, tom lane