
Commit 5285c5e

doc: requirepeer is a way to avoid spoofing
We already mentioned unix_socket_directories as an option.

Reported-by: https://www.postgresql.org/message-id/45016837-6cf3-3136-f959-763d06a28076%402ndquadrant.com
Backpatch-through: 9.6
1 parent 9595383 commit 5285c5e

1 file changed

+8
-1
lines changed

doc/src/sgml/runtime.sgml

@@ -1922,7 +1922,7 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
19221922
</para>
19231923

19241924
<para>
1925-
The simplest way to prevent spoofing for <literal>local</>
1925+
On way to prevent spoofing of <literal>local</>
19261926
connections is to use a Unix domain socket directory (<xref
19271927
linkend="guc-unix-socket-directories">) that has write permission only
19281928
for a trusted local user. This prevents a malicious user from creating
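Review bot: Typo in the added line 1925: "On way to prevent spoofing" should read "One way to prevent spoofing". Since this commit is marked for backpatching, the misspelling would land in every branch it is applied to, so it is worth correcting before it goes in.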
@@ -1934,6 +1934,13 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
19341934
<filename>/tmp</> cleanup script to prevent removal of the symbolic link.
19351935
</para>
19361936

1937+
<para>
1938+
Another option for <literal>local</> connections is for clients to use
1939+
<link linkend="libpq-connect-requirepeer"><literal>requirepeer</></>
1940+
to specify the required owner of the server process connected to
1941+
the socket.
1942+
</para>
1943+
19371944
<para>
19381945
To prevent spoofing on TCP connections, the best solution is to use
19391946
SSL certificates and make sure that clients check the server's certificate.
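Review bot: The new paragraph at lines 1937-1942 does not say that requirepeer is a check each client has to request for itself, unlike the socket directory permission in the preceding paragraph, which is set once on the server side. As worded ("Another option ... is for clients to use"), a reader could take it as equivalent protection for all local connections. Consider adding a sentence stating that a client which does not specify requirepeer gets no protection from this option, and that the value to give is the operating system user expected to own the server process.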
