Tom Lane wrote:
> Bruce Momjian <bruce@momjian.us> writes:
>
>> Peter Eisentraut wrote:
>>
>>> How does that prevent spoofing?
>>>
>
>
>> It creates a lock file that is the same name as the socket file that a
>> default-configured client would use, so it prevents a spoofed socket
>> from being created.
>>
>
> Only if the attacker didn't get there first. I think this idea is
> nothing but a crude kluge anyway...
>
>
I agree. I remain of the opinion that this is not a problem than can be
solved purely within the bounds of postgres.
cheers
andrew