On Sat, 29 Dec 2007 10:38:13 -0500 Andrew Dunstan <[EMAIL PROTECTED]> wrote: > > > D'Arcy J.M. Cain wrote: > > - 1: How does the client assure that the postmaster is legit > > - 2: How does the postmaster assure that the client is legit > > And neither answers the original problem:
Which seems to have been lost in the noise. > 3. How can the sysadmin prevent a malicious local user from hijacking > the sockets if the postmaster isn't running? A better way of stating it for sure. > Prevention is much more valuable than ex post detection, IMNSHO. > > Probably the first answer is not to run postgres on a machine with > untrusted users, but that's not always possible. Maybe we can't find a > simple cross-platform answer, but that doesn't mean we should not look > at platform-specific answers, at least for documentation. Yes, that's what I said at the start of this discussion. If you don't trust the users with actual access to the box, the rest of this is pretty much academic. -- D'Arcy J.M. Cain <[EMAIL PROTECTED]> | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner. ---------------------------(end of broadcast)--------------------------- TIP 7: You can help support the PostgreSQL project by donating at http://www.postgresql.org/about/donate