oleg yusim <olegyu...@gmail.com> writes:
> Got it, thanks... Now, is it any protection in place currently against
> replacing Session ID (my understanding, it is kept in memory, belonging to
> the session process) or against guessing Session ID (i.e. is Session ID
> generated using FIPS 140-2 compliant algorithms, or anything of that sort)?
I don't think Postgres even has any concept that matches what you seem
to think a Session ID is.
If you're looking for communication security/integrity checking, that's
something we leave to other software such as SSL.
regards, tom lane
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
