Re: [HACKERS] SSL over Unix-domain sockets
| От | Andrew Dunstan |
|---|---|
| Тема | Re: [HACKERS] SSL over Unix-domain sockets |
| Дата | |
| Msg-id | 479011FD.6040904@dunslane.net обсуждение исходный текст |
| Ответ на | Re: [HACKERS] SSL over Unix-domain sockets (Alvaro Herrera <alvherre@commandprompt.com>) |
| Список | pgsql-patches |
Alvaro Herrera wrote: > Andrew Dunstan wrote: > >> Alvaro Herrera wrote: >> >>> Andrew Dunstan wrote: >>> >>> >>> >>>> I agree. I remain of the opinion that this is not a problem than can be >>>> solved purely within the bounds of postgres. >>>> >>> I agree. Please comment on my proposed solution. >>> >> I'm not sure tmp cleaners will work that well against a determined spoofer. >> > > I don't understand. The tmp cleaner is something we have to _avoid_. > Let me repeat my proposal. > > I propose to create a dangling symlink on system startup in > /tmp/.s.PGSQL.<port> to the real socket, which is not on a > world-writable directory. This avoids the spoofer, because he cannot > create the socket -- the symlink is occupying its place. > > The only problem with this proposal is that the tmp cleaner would remove > the symlink. The solution to this is to configure the tmp cleaner so > that it doesn't do that. > > It absolutely requires cooperation from the sysadmin, both to setup the > symlink initially, and to configure the tmp cleaner. > Oh. I'm sorry. Yes, I think this would work. cheers andrew
В списке pgsql-patches по дате отправления: