Problem
The node's PostgreSQL connection helper (get_connection) does not enforce TLS certificate or hostname validation. Connections can fall back to plaintext or use unauthenticated TLS (Prefer mode), allowing potential man-in-the-middle attacks on database traffic.
Fix
PR #1104 sets ssl_mode to PgSslMode::VerifyFull and rejects insecure SSL modes (Prefer, Disable) except when explicitly opted in for local development via allow_non_ssl.
JIRA: https://shielded.atlassian.net/browse/PM-22023
Problem
The node's PostgreSQL connection helper (
get_connection) does not enforce TLS certificate or hostname validation. Connections can fall back to plaintext or use unauthenticated TLS (Prefermode), allowing potential man-in-the-middle attacks on database traffic.Fix
PR #1104 sets
ssl_modetoPgSslMode::VerifyFulland rejects insecure SSL modes (Prefer,Disable) except when explicitly opted in for local development viaallow_non_ssl.JIRA: https://shielded.atlassian.net/browse/PM-22023