diff options
| author | Bruce Momjian <bruce@momjian.us> | 2007-12-29 03:36:56 +0000 |
|---|---|---|
| committer | Bruce Momjian <bruce@momjian.us> | 2007-12-29 03:36:56 +0000 |
| commit | 400be4ef986dec8c1a1679b725801a8fc23ff6b9 (patch) | |
| tree | 2be68c59bcb80b625d2b7a979d08490fd68885e6 | |
| parent | f5678e8e07563e34ae4dc832546977d13edcd665 (diff) | |
| download | postgresql-400be4ef986dec8c1a1679b725801a8fc23ff6b9.tar.gz postgresql-400be4ef986dec8c1a1679b725801a8fc23ff6b9.zip | |
Document problem with NULL SSL ciphers and man-in-the-middle attacks.
| -rw-r--r-- | doc/src/sgml/runtime.sgml | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml index 356a1d295c8..166d86a623c 100644 --- a/doc/src/sgml/runtime.sgml +++ b/doc/src/sgml/runtime.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.397 2007/12/25 17:06:52 momjian Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.398 2007/12/29 03:36:56 momjian Exp $ --> <chapter Id="runtime"> <title>Operating System Environment</title> @@ -1604,7 +1604,10 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput ciphers can be specified in the <productname>OpenSSL</productname> configuration file, you can specify ciphers specifically for use by the database server by modifying <xref linkend="guc-ssl-ciphers"> in - <filename>postgresql.conf</>. + <filename>postgresql.conf</>. It is possible to allow authentication + without the overhead of encryption by using <literal>NULL-SHA</> or + <literal>NULL-MD5</> ciphers. However, a man-in-the-middle could read + and pass communications between client and server. </para> <para> |