Thread: Postgres usage of session identifiers for security

Postgres usage of session identifiers for security

From

Keith Minsel

Date:

14 January 2014, 15:36:36

Can anyone describe how Postgres generates session identifiers and how Postgres uses a session identifier for community action protection?

More specifically, will Postgres allow a session identifier to be non-system generated? How does Postgres respond when presented with a non-system generated session identifier?

My security team is asking and I can't find any documentation on this.

Thanks,
Keith

Re: Postgres usage of session identifiers for security

From

Marti Raudsepp

Date:

14 January 2014, 17:15:11

On Tue, Jan 14, 2014 at 2:36 PM, Keith Minsel <minselk@gmail.com> wrote:
> Can anyone describe how Postgres generates session identifiers and how
> Postgres uses a session identifier for community action protection?

PostgreSQL is a database system, it does not "generate session identifiers".

You probably have an application that uses PostgreSQL, you should look
into that application instead.

Regards,
Marti