Home > mailing lists

Re: Recent vendor SSL renegotiation patches break PostgreSQL - Mailing list pgsql-hackers

From	Michael Ledford
Subject	Re: Recent vendor SSL renegotiation patches break PostgreSQL
Date	February 3, 2010 14:56:00
Msg-id	8adf46ea1002030755w28703a2fo3a4330c49e18eed9@mail.gmail.com Whole thread Raw
In response to	Re: Recent vendor SSL renegotiation patches break PostgreSQL (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Recent vendor SSL renegotiation patches break PostgreSQL
List	pgsql-hackers

Tree view

On Wed, Feb 3, 2010 at 10:21 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Bad idea: once set, it'll never get unset, thus leaving installations
> with a weakened security posture even after they've installed fixed
> versions of openssl.
>
>                        regards, tom lane

One might argue that the current method is already weakened as it is
measured by the amount of data sent instead of of a length of time. A
session could live a long time under the 512MB threshold depending on
the queries that are being performed.

Michael

pgsql-hackers by date:

From: Tom Lane
Date: 03 February 2010, 14:49:04
Subject: Re: [COMMITTERS] pgsql: Assorted cleanups in preparation for using a map file to support

From: Robert Haas
Date: 03 February 2010, 14:58:51
Subject: Re: rbtree test data

Re: Recent vendor SSL renegotiation patches break PostgreSQL - Mailing list pgsql-hackers

Previous

Next