Re: Localhost vs. Unix Domain Sockets?
| От | John R Pierce |
|---|---|
| Тема | Re: Localhost vs. Unix Domain Sockets? |
| Дата | |
| Msg-id | 53F2ADB2.40404@hogranch.com обсуждение исходный текст |
| Ответ на | Re: Localhost vs. Unix Domain Sockets? (Ken Tanzer <ken.tanzer@gmail.com>) |
| Ответы |
Re: Localhost vs. Unix Domain Sockets?
|
| Список | pgsql-general |
On 8/18/2014 6:45 PM, Ken Tanzer wrote: > Thanks. I'm not really worried about this particular vulnerability, > just wondering about the more general idea that having db user name = > os user could reduce your security, even if only slightly. Is it just > as conceivable that a vulnerability could come along that was more > exploitable only if the two names were _different_? what I read on that vunerability, it was talking about dbuser == dbname, not os user. and frankly, I didn't get their rationale for that. -- john r pierce 37N 122W somewhere on the middle of the left coast
В списке pgsql-general по дате отправления: