Home > mailing lists

Re: Localhost vs. Unix Domain Sockets? - Mailing list pgsql-general

From	John R Pierce
Subject	Re: Localhost vs. Unix Domain Sockets?
Date	August 19, 2014 03:00:56
Msg-id	53F293A4.5070704@hogranch.com Whole thread Raw
In response to	Localhost vs. Unix Domain Sockets? (Ken Tanzer <ken.tanzer@gmail.com>)
Responses	Re: Localhost vs. Unix Domain Sockets? (Tom Lane <tgl@sss.pgh.pa.us>) Re: Localhost vs. Unix Domain Sockets? (Matt S <matt@eatsleeprepeat.net>)
List	pgsql-general

Tree view

On 8/18/2014 4:55 PM, Ken Tanzer wrote:
> So I've got two questions.  One is whether there are any downsides to
> using sockets, or any "gotchas" to be aware of.  The second is whether
> there is anything to do to increase the security of sockets?  (e.g.,
> analagous to encrypting localhost conenctions with SSL?)  From the
> little I saw, it sounds like sockets are "just inherently secure," but
> wanted to confirm that or get another opinion!

localhost is plenty secure, only root can sniff it, and root can su to
postgres and be in full ownership of your server anyways, so if you
consider root a security risk, well, there's no cure for that.

unix domain sockets are quite secure too.   they might be slightly
faster than tcp/ip via localhost, but its probably not enough to matter.

--
john r pierce                                      37N 122W
somewhere on the middle of the left coast

pgsql-general by date:

From: Ken Tanzer
Date: 19 August 2014, 02:56:17
Subject: Localhost vs. Unix Domain Sockets?

From: Tom Lane
Date: 19 August 2014, 03:09:18
Subject: Re: Localhost vs. Unix Domain Sockets?

Re: Localhost vs. Unix Domain Sockets? - Mailing list pgsql-general

Previous

Next