Tomasz Ostrowski wrote: > > Fundamentally these are man-in-the-middle attacks, and the only real > > solution is mutual authentication. > > The problem is not many people expect man-in-the-middle attack on > secure lan, localhost or local socket connection, so they'll not try > to prevent it.
Agreed. This was the big surprise for me, and hence the new documentation section I wrote. I think based on this discussion that there is no way for us easily to to avoid vulnerabilities so documentation/education seems the most appropriate approach. -- Bruce Momjian <[EMAIL PROTECTED]> http://momjian.us EnterpriseDB http://postgres.enterprisedb.com + If your life is a hard drive, Christ can be your backup. + ---------------------------(end of broadcast)--------------------------- TIP 4: Have you searched our list archives? http://archives.postgresql.org
