On Fri, Mar 09, 2012 at 10:18:31AM -0500, Tom Lane wrote:
> Bruce Momjian <bruce@momjian.us> writes:
> > What do people think of pg_upgrade setting its umask to 0077 so the log
> > and SQL files are only readable by the postgres user?
>
> +1 for restricting the log files, but I'm dubious that you should alter
> the existing permissions on copied files in any way.
>
> IOW, umask seems like the wrong tool.
I was afraid you would say that. :-(
The problem is that these files are being created often by shell
redirects, e.g. pg_dump -f out 2> log_file. There is no clean way to
control the file creation permissions in this case --- only umask gives
us a process-level setting. Actually, one crafty idea would be to do
the umask only when I exec something, and when I create the initial
files with the new banner you suggested. Let me look into that.
Frankly, the permissions are already being modified by the default
umask, e.g. 0022. Do we want a zero umask?
-- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB
http://enterprisedb.com
+ It's impossible for everything to be true. +