Home > mailing lists

Re: [HACKERS] SSL over Unix-domain sockets - Mailing list pgsql-patches

From	Magnus Hagander
Subject	Re: [HACKERS] SSL over Unix-domain sockets
Date	January 18, 2008 07:40:42
Msg-id	20080118114036.GG7353@svr2.hagander.net Whole thread Raw
In response to	Re: [HACKERS] SSL over Unix-domain sockets (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-patches

Tree view

On Fri, Jan 18, 2008 at 12:35:40PM +0100, Peter Eisentraut wrote:
> Am Freitag, 18. Januar 2008 schrieb Magnus Hagander:
> > Not that much more than moving the socket file to a secure directory. Both
> > rely on configuring the client properly. It's arguably a lot easier to
> > configure the client to connect to the correct socket, than to make sure
> > the client has a root certificate installed.
>
> How would a client check whether the socket file is in a secure location?

The same way it would get the root certificate to trust - it would be told
so by the administrator who had secured the location.

//Magnus

pgsql-patches by date:

From: Peter Eisentraut
Date: 18 January 2008, 07:35:46
Subject: Re: [HACKERS] SSL over Unix-domain sockets

From: Peter Eisentraut
Date: 18 January 2008, 15:12:08
Subject: Re: [GENERAL] Forgot to dump old data before re-installing machine

Re: [HACKERS] SSL over Unix-domain sockets - Mailing list pgsql-patches

Previous

Next