Re: [HACKERS] SSL over Unix-domain sockets

Bruce Momjian <bruce@momjian.us> writes:
> I am confused because you say "dangling" then you say "to the real
> socket".  You are saying it isn't dangling when the server is running?

Exactly.  When the server is running it provides a perfectly good path
to the postmaster.  The point (and the main difference from your PIDfile
proposal) is that it's supposed to be there all the time, even when the
postmaster isn't running.  This is what provides protection against the
spoofer getting there first.

> If you are going to require the admin to modify the tmp cleanup script,
> the admin might as well create the symlink at the same time and have it
> recreate on boot.

No, that's not the same, because it doesn't provide protection against
the symlink getting deleted later on.

            regards, tom lane