* Martijn van Oosterhout: > Well, I guess it's an issue. At least it's not suceptable to the > standard symlink attacks. There is in general no way of knowing if the > server you are connecting to is what you think it is (except via SSL > maybe?).
For local (i.e. UNIX domain socket) connections, there is -- just use a hard-coded path where each directory is only writable by root or by the PostgreSQL superuser (/var/run in Debian is not world-writable, for instance). > The good thing is that if you're using md5 auth they can't grab your > password. The password is probably of little concern if you use UNIX domain sockets. But feeding wrong data to the application might trigger interesting things. ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings