Bruce Momjian wrote: > The fundamental problem is that because we don't require root, any user's > postmaster or pretend postmaster is as legitimate as anyone else's. SSL > certificates add legitimacy checks for TCP, but not for unix domain > sockets.
Wouldn't SSL work over Unix-domain sockets as well? The API only deals with file descriptors. -- Peter Eisentraut http://developer.postgresql.org/~petere/ ---------------------------(end of broadcast)--------------------------- TIP 4: Have you searched our list archives? http://archives.postgresql.org
