Home > mailing lists

Re: Localhost vs. Unix Domain Sockets? - Mailing list pgsql-general

From	John R Pierce
Subject	Re: Localhost vs. Unix Domain Sockets?
Date	August 19, 2014 04:51:59
Msg-id	53F2ADB2.40404@hogranch.com Whole thread Raw
In response to	Re: Localhost vs. Unix Domain Sockets? (Ken Tanzer <ken.tanzer@gmail.com>)
Responses	Re: Localhost vs. Unix Domain Sockets? (Matt S <matt@eatsleeprepeat.net>)
List	pgsql-general

Tree view

On 8/18/2014 6:45 PM, Ken Tanzer wrote:
> Thanks.  I'm not really worried about this particular vulnerability,
> just wondering about the more general idea that having db user name =
> os user could reduce your security, even if only slightly.  Is it just
> as conceivable that a vulnerability could come along that was more
> exploitable only if the two names were _different_?

what I read on that vunerability, it was talking about dbuser == dbname,
not os user.   and frankly, I didn't get their rationale for that.



--
john r pierce                                      37N 122W
somewhere on the middle of the left coast

pgsql-general by date:

From: Ken Tanzer
Date: 19 August 2014, 04:46:34
Subject: Re: Localhost vs. Unix Domain Sockets?

From: Matt S
Date: 19 August 2014, 04:58:58
Subject: Re: Localhost vs. Unix Domain Sockets?

Re: Localhost vs. Unix Domain Sockets? - Mailing list pgsql-general

Previous

Next