Bruce Momjian <[EMAIL PROTECTED]> writes:
> Yes, it would plug the hole without fully implementing SSL control on
> local sockets. However, the hole is already plugged by using directory
> permissions so I question the need for a partial solution at this point
> in 8.3.

As already noted, "fix /tmp's directory permissions" isn't a very helpful suggestion.

> At this point in 8.3 I think we have to ask if we would make such a
> change in a minor release, and I don't think we would.

It depends on whether you call it a new feature or a bug fix. If it is a bug fix, wouldn't we also back-patch it? Given the smallness of Peter's patch, I don't think that treating it as a bug fix is unreasonable, if that (and the docs) are all we change. Now adding "localssl" etc to pg_hba.conf's options seems more like a new feature, and that I think should wait for 8.4.

One question is whether patching this without adding localssl (and therefore, without providing a way for the DBA to enforce SSL use) is actually very helpful. You could be secure but you'd be depending on the client side to get it right. OTOH that's true anyway if we have no way to enforce that the client verify the postmaster's certificate.

regards, tom lane