Re: required rights for PGDATA

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: required rights for PGDATA
Дата
Msg-id 25530.1043677470@sss.pgh.pa.us
обсуждение исходный текст
Ответ на required rights for PGDATA  (Holger Klawitter <lists@klawitter.de>)
Ответы Re: required rights for PGDATA  (Holger Klawitter <lists@klawitter.de>)
Список pgsql-general
Дерево обсуждения 
Holger Klawitter <lists@klawitter.de> writes:
> As postgres (the user under with the process is actually running) cannot
> obtain a shell, I need group access to the data directory in order to
> configure postgres.

> [ so relax permissions on $PGDATA ]

Why is it more secure to relax permissions on $PGDATA than to undo your
choice not to have a login shell for postgres?

In very many environments, 0770 protection would be a disaster.  I do
not think it is a good idea to allow that permission to be set, not
even configurably.

            regards, tom lane

В списке pgsql-general по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: pg_dump automatic
Следующее
От: Nicolas Kowalski
Дата:
Сообщение: Re: passwords and 7.3