>
> On Thu, 29 Jan 1998, The Hermit Hacker wrote:
>
> > On Thu, 29 Jan 1998, Brook Milligan wrote:
> >
> > > No, "normal" users shouldn't be allowed to do so, obviously. But, are
> > > there real systems in which a database maintainer (i.e., user
> > > postgres) cannot cooperate with the system admin (i.e., user root) to
> > > accomplish this? In practice, is it really envisioned that postgres
> > > should be _so_ distinct from the system? For example, don't most
> > > people run the postmaster from the system startup scripts, and isn't
> > > that the same thing? How did those commands get inserted into the
> > > startup scripts if not by root?
> >
> > I do not feel that it is appropriate for a non-root program (which
> > PostgreSQL is) to require a systems administrator to make permissions
> > related changes to a directory for it to run, period.
> >
> >
> >
> Speaking of feelings, I'm not especially happy about allowing any old
> user to trash a key file because it's located in a globally writable
> directory.
>
> Would setting the sticky bit on the permissions of the /tmp directory
> help?
Most OSes or good administrators already have the sticky bit set on
/tmp, or they should. If they don't, the PostgreSQL socket file is the
least of their worries.
--
Bruce Momjian
maillist@candle.pha.pa.us
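
An added example, not part of the original messages or of PostgreSQL: a small audit of the directory permissions discussed in this thread. It reports every directory above a given file where someone other than the owner could delete or rename entries because the directory is writable and lacks the sticky bit. The function names and result labels are hypothetical, and the check goes slightly beyond /tmp by walking all parent directories.

```python
import os
import stat


def dir_deletion_risk(directory):
    """Classify who, besides owner and root, may unlink or rename entries."""
    mode = os.stat(directory).st_mode
    if not stat.S_ISDIR(mode):
        raise NotADirectoryError(directory)
    sticky = bool(mode & stat.S_ISVTX)
    if mode & stat.S_IWOTH:
        # World-writable: the sticky bit limits deletion and renaming to the
        # file owner, the directory owner and root.
        return "ok-sticky" if sticky else "any-user"
    if mode & stat.S_IWGRP:
        return "ok-sticky" if sticky else "group"
    return "ok-private"


def risky_ancestors(path):
    """Return (directory, risk) for each unsafe directory above `path`.

    An unsafe directory anywhere in the chain is enough: whoever can rename
    an entry there can swap out the whole subtree below it.
    """
    findings = []
    current = os.path.dirname(os.path.realpath(path))
    while True:
        risk = dir_deletion_risk(current)
        if risk in ("any-user", "group"):
            findings.append((current, risk))
        parent = os.path.dirname(current)
        if parent == current:  # reached the filesystem root
            break
        current = parent
    return findings


if __name__ == "__main__":
    # /tmp is the directory named in the thread; the file name below is a
    # constructed placeholder and does not need to exist.
    target = os.path.join("/tmp", "example-key-file")
    print("/tmp:", dir_deletion_risk("/tmp"))
    for directory, risk in risky_ancestors(target):
        print("unsafe:", directory, "deletable by", risk)
```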