On Fri, Jul 29, 2016 at 11:27:06AM -0400, Peter Eisentraut wrote: > On 7/29/16 11:13 AM, Bruce Momjian wrote: > > Yes, I am thinking of a case where Postgres is down but a malevolent > > user starts a Postgres server on 5432 to gather passwords. Verifying > > against an SSL certificate would avoid this problem, so there is some > > value in using SSL on localhost. (There is no such security available > > for Unix-domain socket connections.) > > Sure, there is the requirepeer connection option for that.
Oh, nice, I had not seen that. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
