Re: SSL over Unix-domain sockets
| От | Tom Lane |
|---|---|
| Тема | Re: SSL over Unix-domain sockets |
| Дата | |
| Msg-id | 23996.1200411992@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: SSL over Unix-domain sockets (Alvaro Herrera <alvherre@commandprompt.com>) |
| Ответы |
Re: SSL over Unix-domain sockets
Re: SSL over Unix-domain sockets Re: SSL over Unix-domain sockets |
| Список | pgsql-hackers |
Alvaro Herrera <alvherre@commandprompt.com> writes:
> Perhaps the easiest thing to do is to create a (possibly dangling)
> symlink in /tmp to the real socket in a protected dir.
Cute idea ...
> One thing to be aware of is /tmp cleaners ...
... but that would definitely be a problem. I think on most systems
you'd have to explicitly tweak the /tmp-cleaning script to know not to
zap such a link. Given that such a local customization would probably
disappear in your next system update, the security gain might be
fleeting.
regards, tom lane
В списке pgsql-hackers по дате отправления: