On Sat, Dec 22, 2007 at 02:21:42PM -0500, Tom Lane wrote: > No, we shouldn't, and if I had any authority over them I would make > Debian stop doing that. It amounts to a unilateral distro-specific > change in the protocol, and I think it makes things *less* secure, > because any clients who are expecting the socket to be in /tmp will be > easy pickings for a spoofer. Debian cannot hope to prevent that > scenario, because there are non-libpq-based client implementations.
Well, it's worked for many years and a little late to change now. It's arguably safer, since only postmasters owned by "postgres" can create a socket in that directory, any client attempting to connect to a server using that directory knows it's connecting to a server owned by 'postgres'. I can't think of any non-libpq clients which support Unix domain sockets? Have a nice day, -- Martijn van Oosterhout <[EMAIL PROTECTED]> http://svana.org/kleptog/ > Those who make peaceful revolution impossible will make violent revolution > inevitable. > -- John F Kennedy
signature.asc
Description: Digital signature