Bruce Momjian wrote: > Alvaro Herrera wrote: > > > I'm not sure tmp cleaners will work that well against a determined > > > spoofer. > > > > I don't understand. The tmp cleaner is something we have to _avoid_. > > Let me repeat my proposal. > > > > I propose to create a dangling symlink on system startup in > > /tmp/.s.PGSQL.<port> to the real socket, which is not on a > > I am confused because you say "dangling" then you say "to the real > socket". You are saying it isn't dangling when the server is running? > > > world-writable directory. This avoids the spoofer, because he cannot > > create the socket -- the symlink is occupying its place. > > > > The only problem with this proposal is that the tmp cleaner would remove > > the symlink. The solution to this is to configure the tmp cleaner so > > that it doesn't do that. > > > > It absolutely requires cooperation from the sysadmin, both to setup the > > symlink initially, and to configure the tmp cleaner. > > If you are going to require the admin to modify the tmp cleanup script, > the admin might as well create the symlink at the same time and have it > recreate on boot. We could actually just document this idea and be done > with it.
Oh, sorry, I see now you are having the admin create the symlink and modify the tmp cleaner --- yea, I think we just document this and call it done. Do we do anything in the backend for this proposal? -- Bruce Momjian <[EMAIL PROTECTED]> http://momjian.us EnterpriseDB http://postgres.enterprisedb.com + If your life is a hard drive, Christ can be your backup. + ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend