Re: Question about UNIX socket connections and SSL

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: Question about UNIX socket connections and SSL
Дата
Msg-id 1514893.1718219853@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Question about UNIX socket connections and SSL  (Casey & Gina <cg@osss.net>)
Ответы Re: Question about UNIX socket connections and SSL
Re: Question about UNIX socket connections and SSL
Список pgsql-general
Дерево обсуждения 
Casey & Gina <cg@osss.net> writes:
> So why can't I use SSL when connecting from a client to a UNIX socket?

(1) It'd add overhead without adding any security.  Data going through
a UNIX socket will only pass through the local kernel, and if that's
compromised then it's game over anyway.

(2) I'm less sure about this part, but I seem to recall that openssl
doesn't actually work if given a UNIX socket.

Maybe there are reasons why those arguments are obsolete, but you
haven't presented any.

            regards, tom lane

В списке pgsql-general по дате отправления:

Предыдущее
От: Karsten Hilbert
Дата:
Сообщение: Re: DROP COLLATION vs pg_collation question
Следующее
От: Daniel Gustafsson
Дата:
Сообщение: Re: Question about UNIX socket connections and SSL