git.postgresql.org Git - postgresql.git/commitdiff

parent: 9595383
doc: requirepeer is a way to avoid spoofing
19 Aug 2016 01:41:10 +0000 (21:41 -0400)
19 Aug 2016 01:41:56 +0000 (21:41 -0400)
We already mentioned unix_socket_directories as an option.

Reported-by: https://www.postgresql.org/message-id/45016837-6cf3-3136-f959-763d06a28076%402ndquadrant.com
Backpatch-through: 9.6


diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 60a06590fec3a8a91d23b28369f3e2e786697549..98752c2875cd8d3256110ef275dce928a194705b 100644 (file)
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -1922,7 +1922,7 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
</para>
<para>
- The simplest way to prevent spoofing for <literal>local</>
+ On way to prevent spoofing of <literal>local</>
connections is to use a Unix domain socket directory (<xref
linkend="guc-unix-socket-directories">) that has write permission only
for a trusted local user. This prevents a malicious user from creating
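Review bot: Typo in the added line: "On way to prevent spoofing" should read "One way to prevent spoofing". Otherwise the softening from "The simplest way" fits the commit's intent, since the next hunk introduces a second option for <literal>local</> connections.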
@@ -1934,6 +1934,13 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
<filename>/tmp</> cleanup script to prevent removal of the symbolic link.
</para>
+ <para>
+ Another option for <literal>local</> connections is for clients to use
+ <link linkend="libpq-connect-requirepeer"><literal>requirepeer</></>
+ to specify the required owner of the server process connected to
+ the socket.
+ </para>
+
<para>
To prevent spoofing on TCP connections, the best solution is to use
SSL certificates and make sure that clients check the server's certificate.
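Review bot: The new paragraph's wording "the required owner of the server process connected to the socket" is ambiguous and does not say why the setting prevents spoofing. The unix_socket_directories paragraph above it explains its mechanism (a malicious user cannot create the socket), so this one should do the same. Suggest something like "to specify the operating-system user that must own the server process listening on the socket", followed by a sentence saying that the client refuses the connection when the process is owned by a different user.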
This is the main PostgreSQL git repository.