On 7/29/16 11:13 AM, Bruce Momjian wrote:
> Yes, I am thinking of a case where Postgres is down but a malevolent
> user starts a Postgres server on 5432 to gather passwords.  Verifying
> against an SSL certificate would avoid this problem, so there is some
> value in using SSL on localhost.  (There is no such security available
> for Unix-domain socket connections.)

Sure, there is the requirepeer connection option for that.

Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to