Re: Spoofing as the postmaster
From | Magnus Hagander |
---|---|
Subject | Re: Spoofing as the postmaster |
Date | |
Msg-id | 476D3818.1080404@hagander.net |
In response to | Re: Spoofing as the postmaster (Andrew Dunstan <andrew@dunslane.net>) |
List | pgsql-hackers |
Andrew Dunstan wrote:

> Peter Eisentraut wrote:
>> Bruce Momjian wrote:
>>
>>> The fundamental problem is that because we don't require root, any
>>> user's postmaster or pretend postmaster is as legitimate as anyone
>>> else's. SSL certificates add legitimacy checks for TCP, but not for
>>> unix domain sockets.
>>
>> Wouldn't SSL work over Unix-domain sockets as well? The API only
>> deals with file descriptors.
>
> But we don't check the SSL cert's credentials in the client, AFAIK. That
> means that postmaster spoofer could just as easily spoof SSL.
> Communications between the client and the endpoint will be protected,
> but there is no protection from a man in the middle attack, which is
> what this is.

We do if you put the CA cert on the client.

//Magnus
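The three positions in this exchange (no certificate check on Unix-domain sockets, encryption without server authentication, and verification once a CA certificate is on the client) can be told apart from a client's connection string. The sketch below is an added example, not code from the thread or from PostgreSQL. It assumes the `sslmode` semantics documented for current libpq, which postdate this message; the function names, result labels and sample connection strings are hypothetical, and the conninfo parsing is simplified.

```python
import shlex

# Result labels (hypothetical names chosen for this example).
UNIX_SOCKET = "unix-socket: sslmode ignored, no certificate check"
NOT_AUTHENTICATED = "tcp: server not authenticated, encryption not guaranteed"
ENCRYPTED_ONLY = "tcp: encrypted, server certificate not verified"
CA_CHECKED = "tcp: server certificate chain verified against client CA"
CA_AND_HOST_CHECKED = "tcp: certificate chain and host name verified"


def parse_conninfo(conninfo):
    """Parse a libpq keyword=value string (simplified: no spaces around '=')."""
    params = {}
    for token in shlex.split(conninfo):
        key, _, value = token.partition("=")
        params[key] = value
    return params


def server_auth_level(conninfo, default_root_crt_exists=False):
    """Classify how strongly the client authenticates the server.

    default_root_crt_exists stands for a CA file at libpq's default
    location (~/.postgresql/root.crt); pass it in so this runs offline.
    """
    p = parse_conninfo(conninfo)
    host = p.get("host", "")
    # No host, or a host that is a directory path, selects a Unix-domain
    # socket unless hostaddr forces TCP. libpq ignores sslmode there.
    if "hostaddr" not in p and (host == "" or host.startswith("/")):
        return UNIX_SOCKET
    mode = p.get("sslmode", "prefer")
    if mode == "verify-full":
        return CA_AND_HOST_CHECKED
    if mode == "verify-ca":
        return CA_CHECKED
    if mode == "require":
        # With a root CA file present, "require" verifies like verify-ca.
        if "sslrootcert" in p or default_root_crt_exists:
            return CA_CHECKED
        return ENCRYPTED_ONLY
    # disable, allow and prefer never authenticate the server.
    return NOT_AUTHENTICATED
```
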