Re: Upcoming re-releases

Florian Weimer <fw@deneb.enyo.de>

From: Florian Weimer <fw@deneb.enyo.de>
To: Martijn van Oosterhout <kleptog@svana.org>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Andrew Dunstan <andrew@dunslane.net>, Alvaro Herrera <alvherre@commandprompt.com>, Christopher Kings-Lynne <chriskl@familyhealth.com.au>, Devrim GUNDUZ <devrim@commandprompt.com>, "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2006-02-11T17:21:04Z
Lists: pgsql-hackers
* Martijn van Oosterhout:

> Well, I guess it's an issue. At least it's not suceptable to the
> standard symlink attacks. There is in general no way of knowing if the
> server you are connecting to is what you think it is (except via SSL
> maybe?).

For local (i.e. UNIX domain socket) connections, there is -- just use
a hard-coded path where each directory is only writable by root or by
the PostgreSQL superuser (/var/run in Debian is not world-writable,
for instance).

> The good thing is that if you're using md5 auth they can't grab your
> password.

The password is probably of little concern if you use UNIX domain
sockets.  But feeding wrong data to the application might trigger
interesting things.