Home > mailing lists

Re: [HACKERS] SSL over Unix-domain sockets - Mailing list pgsql-patches

From	Tom Lane
Subject	Re: [HACKERS] SSL over Unix-domain sockets
Date	January 17, 2008 15:31:57
Msg-id	9905.1200587500@sss.pgh.pa.us Whole thread Raw
In response to	Re: [HACKERS] SSL over Unix-domain sockets (Bruce Momjian <bruce@momjian.us>)
Responses	Re: [HACKERS] SSL over Unix-domain sockets
List	pgsql-patches

Tree view

Bruce Momjian <bruce@momjian.us> writes:
> Peter Eisentraut wrote:
>> How does that prevent spoofing?

> It creates a lock file that is the same name as the socket file that a
> default-configured client would use, so it prevents a spoofed socket
> from being created.

Only if the attacker didn't get there first.  I think this idea is
nothing but a crude kluge anyway...

            regards, tom lane

pgsql-patches by date:

From: Bruce Momjian
Date: 17 January 2008, 15:11:35
Subject: Re: [HACKERS] SSL over Unix-domain sockets

From: Andrew Dunstan
Date: 17 January 2008, 15:36:06
Subject: Re: [HACKERS] SSL over Unix-domain sockets

Re: [HACKERS] SSL over Unix-domain sockets - Mailing list pgsql-patches

Previous

Next