Re: Localhost vs. Unix Domain Sockets?

On 8/18/2014 5:45 PM, Ken Tanzer wrote:
> I used to have my db and linux usernames match, until this issue came
> along: http://www.postgresql.org/support/security/faq/2013-04-04/.  It
> specifically mentions potentially increased vulnerability if the names
> match.  So when I set up a new server I had them not match.  I know
> this particular issue is fixed.  But are there other ways that having
> the names match could potentially increase vulnerability (even if not
> known or identified yet), or am I pointlessly "fighting the last war"
> by keeping the names different?

afaik that exploit only applies when the user is coming in over tcp/ip



--
john r pierce                                      37N 122W
somewhere on the middle of the left coast