Re: sslmode=require fallback
| От | Bruce Momjian |
|---|---|
| Тема | Re: sslmode=require fallback |
| Дата | |
| Msg-id | 20160822212052.GB13292@momjian.us обсуждение исходный текст |
| Ответ на | Re: sslmode=require fallback (Jeff Janes <jeff.janes@gmail.com>) |
| Список | pgsql-hackers |
On Fri, Aug 19, 2016 at 09:22:32AM -0700, Jeff Janes wrote: > On Sat, Jul 30, 2016 at 11:18 AM, Bruce Momjian <bruce@momjian.us> wrote: > > On Fri, Jul 29, 2016 at 11:27:06AM -0400, Peter Eisentraut wrote: > > On 7/29/16 11:13 AM, Bruce Momjian wrote: > > > Yes, I am thinking of a case where Postgres is down but a malevolent > > > user starts a Postgres server on 5432 to gather passwords. Verifying > > > against an SSL certificate would avoid this problem, so there is some > > > value in using SSL on localhost. (There is no such security available > > > for Unix-domain socket connections.) > > > > Sure, there is the requirepeer connection option for that. > > Oh, nice, I had not seen that. > > > > Hi Bruce, > > There is typo in the doc patch you just committed > > "On way to prevent spoofing of" > > s/On/One/ Oops, thanks, fixed. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
В списке pgsql-hackers по дате отправления: