Re: Restricting permissions on Unix socket

Поиск

Список

Период

Сортировка

От	Alfred Perlstein
Тема	Re: Restricting permissions on Unix socket
Дата	31 октября 2000 г. 18:02:43
Msg-id	20001031150230.E22110@fw.wintelcom.net обсуждение исходный текст
Ответ на	Restricting permissions on Unix socket (Peter Eisentraut <peter_e@gmx.net>)
Список	pgsql-hackers

Дерево обсуждения

* Peter Eisentraut <peter_e@gmx.net> [001031 12:57] wrote:
> I'd like to add an option or two to restrict the set of users that can
> connect to the Unix domain socket of the postmaster, as an extra security
> option.
> 
> I imagine something like this:
> 
> unix_socket_perm = 0660
> unix_socket_group = pgusers
> 
> Obviously, permissions that don't have 6's in there don't make much sense,
> but I feel this notation is the most intuitive way for admins.
> 
> I'm not sure how to do the group thing, though.  If I use chown(2) then
> there's a race condition, but doing savegid; create socket; restoregid
> might be too awkward?  Any hints?

Set your umask to 777 then go to town.

-- 
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."

В списке pgsql-hackers по дате отправления:

Вход в личный кабинет

Восстановление пароля

Подтверждение аккаунта

Изменение пароля

Re: Restricting permissions on Unix socket