Re: sslmode=require fallback
| От | Jeff Janes |
|---|---|
| Тема | Re: sslmode=require fallback |
| Дата | |
| Msg-id | CAMkU=1yAoA6rjprhWtuHj5+SvFAF8z70cPfFDZYu7dbNUJ53EQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: sslmode=require fallback (Bruce Momjian <bruce@momjian.us>) |
| Ответы |
Re: sslmode=require fallback
|
| Список | pgsql-hackers |
On Sat, Jul 30, 2016 at 11:18 AM, Bruce Momjian <bruce@momjian.us> wrote:
On Fri, Jul 29, 2016 at 11:27:06AM -0400, Peter Eisentraut wrote:
> On 7/29/16 11:13 AM, Bruce Momjian wrote:
> > Yes, I am thinking of a case where Postgres is down but a malevolent
> > user starts a Postgres server on 5432 to gather passwords. Verifying
> > against an SSL certificate would avoid this problem, so there is some
> > value in using SSL on localhost. (There is no such security available
> > for Unix-domain socket connections.)
>
> Sure, there is the requirepeer connection option for that.
Oh, nice, I had not seen that.
Hi Bruce,
There is typo in the doc patch you just committed
"On way to prevent spoofing of"
s/On/One/
Cheers,
Jeff
В списке pgsql-hackers по дате отправления: