Home > mailing lists

Re: SSL over Unix-domain sockets - Mailing list pgsql-hackers

From	Alvaro Herrera
Subject	Re: SSL over Unix-domain sockets
Date	January 15, 2008 14:55:28
Msg-id	20080115155502.GG4473@alvh.no-ip.org Whole thread Raw
In response to	Re: SSL over Unix-domain sockets (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: SSL over Unix-domain sockets
List	pgsql-hackers

Tree view

Tom Lane wrote:
> Alvaro Herrera <alvherre@commandprompt.com> writes:

> > One thing to be aware of is /tmp cleaners ...
> 
> ... but that would definitely be a problem.  I think on most systems
> you'd have to explicitly tweak the /tmp-cleaning script to know not to
> zap such a link.  Given that such a local customization would probably
> disappear in your next system update, the security gain might be
> fleeting.

We could hack the postmaster so that it touches the /tmp socket
(hardcoded path) in addition to the unix_socket_directory one.

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.

pgsql-hackers by date:

From: Markus Schiltknecht
Date: 15 January 2008, 14:49:44
Subject: Re: Declarative partitioning grammar

From: Tom Lane
Date: 15 January 2008, 15:07:01
Subject: Re: SSL over Unix-domain sockets

Re: SSL over Unix-domain sockets - Mailing list pgsql-hackers

Previous

Next