[systemd-devel] Does socket activation block a TCP port for listening by other processes?

Florian Weimer fweimer at redhat.com
Tue Jul 21 04:37:07 PDT 2015


We have quite a zoo of services which listen on localhost, on a fixed
TCP port, for use by local clients.  The canonical example is PostgreSQL
on 5432/TCP, for the benefit of Java clients (which cannot use the UNIX
domain socket).  This has the obvious issue that if a local attacker
crashes the service, they can impersonate it by binding to the same port.

Does socket activation reliably prevent such impersonation attacks?  Or
is there a race, say during systemd configuration reloading or service
restarts, where systemd temporarily does not listen to that port?

-- 
Florian Weimer / Red Hat Product Security
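The following is an added example, not part of the post above, that simulates in one Python process the ownership model the question assumes: a "manager" role (standing in for systemd) creates and keeps the listening socket, a "service" role serves from an inherited descriptor and then exits, and a third party tries to bind the same address. It also shows how a service recognises descriptors passed per the sd_listen_fds(3) convention (LISTEN_PID, LISTEN_FDS, fds starting at 3). Assumptions: Python 3.7+ (for socket.socket(fileno=...) type detection), os.dup() standing in for fork/exec inheritance, a kernel-chosen loopback port, and SO_REUSEADDR set on both sides purely so the demo's own TIME_WAIT state cannot mask the final check. It demonstrates only that a held listening socket blocks bind() from other processes; it says nothing about the reload/restart window the post asks about.

```python
"""Added example (not from the systemd-devel post): socket ownership demo.

Phases:
  1. manager creates and owns the listening socket;
  2. service receives its own descriptor for that socket, serves one
     request, exits (closing only its descriptor);
  3. another socket tries bind() on the same address -> EADDRINUSE while
     the manager still holds the socket, success once it is released.
"""
import errno
import os
import socket

# sd_listen_fds(3) convention: passed sockets are fds 3, 4, ...; the manager
# exports LISTEN_PID (must equal our pid) and LISTEN_FDS (count).
SD_LISTEN_FDS_START = 3


def listen_fds(environ=None, pid=None):
    """Return the fds handed over per the sd_listen_fds convention, or []
    when the variables are absent, malformed, or meant for another pid."""
    env = os.environ if environ is None else environ
    pid = os.getpid() if pid is None else pid
    try:
        if int(env.get("LISTEN_PID", "0")) != pid:
            return []
        count = int(env.get("LISTEN_FDS", "0"))
    except ValueError:
        return []
    return list(range(SD_LISTEN_FDS_START, SD_LISTEN_FDS_START + count))


def manager_open_socket(host="127.0.0.1", port=0):
    """Manager role: create the listening socket and keep owning it.
    port=0 lets the kernel pick a free port (constructed demo value)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Reuse flag only so the demo's own TIME_WAIT entries do not skew phase 3.
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((host, port))
    s.listen(8)
    return s


def service_handle_one(inherited_fd):
    """Service role: wrap the inherited, already-listening descriptor,
    answer one request, then exit (closing only its own descriptor)."""
    srv = socket.socket(fileno=inherited_fd)  # family/type read from the fd
    conn, _ = srv.accept()
    conn.sendall(b"echo:" + conn.recv(64))
    conn.close()
    srv.close()  # the manager's descriptor for the same socket stays open


def try_bind(host, port):
    """Simulated third party binding the same address from a fresh socket.
    Returns the errno name on failure (e.g. 'EADDRINUSE') or None on success."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    try:
        s.bind((host, port))
        return None
    except OSError as e:
        return errno.errorcode.get(e.errno, str(e.errno))
    finally:
        s.close()


def demo():
    """Run the three phases; return (reply, error_while_held, error_after_release)."""
    mgr = manager_open_socket()
    host, port = mgr.getsockname()
    inherited = os.dup(mgr.fileno())  # stands in for fd inheritance across exec
    # A local client connects; the kernel completes the handshake from the
    # backlog before the service even calls accept().
    client = socket.create_connection((host, port), timeout=5)
    client.settimeout(5)
    client.sendall(b"ping")
    service_handle_one(inherited)     # serves once, then "exits"
    reply = client.recv(64)
    client.close()
    busy = try_bind(host, port)       # manager still listening -> EADDRINUSE
    mgr.close()                       # manager releases the socket
    free = try_bind(host, port)       # nobody holds the port -> None
    return reply, busy, free


if __name__ == "__main__":
    print(demo())
    print(listen_fds({"LISTEN_PID": "4242", "LISTEN_FDS": "2"}, pid=4242))
```

The service never binds anything itself; it only inherits a descriptor, which is the property that keeps the port occupied between service exits. The listen_fds() check against LISTEN_PID matters because a stale environment can otherwise make a program treat an unrelated fd 3 as its listening socket.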

