Re: Spoofing as the postmaster

Tom Lane wrote:
> 2. Improve our documentation about how to set up mutual authentication
> under SSL (it's a bit scattered now).
> 
> 3. Recommend using mutual auth even for local connections, if a server
> containing sensitive data is to be run on a machine that also hosts
> untrusted users.
> 
> As somebody noted, it's probably even better policy to not have any
> sensitive data on a machine that hosts untrusted users, and it wouldn't
> hurt for the docs to point that out; but we should have a documented
> solution available if you have to do it.

I have added the section about preventing server spoofing and updated the SSL
documentation to be more logical and clearer about certificates.

The major updated sections are:

http://momjian.us/tmp/pgsql/preventing-server-spoofing.htmlhttp://momjian.us/tmp/pgsql/ssl-tcp.htmlhttp://momjian.us/tmp/pgsql/libpq-ssl.html

I have to say I didn't understand the certificate stuff before, but I
think it should be clearer now to anyone who reads it.

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://postgres.enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +