Alvaro Herrera <alvherre@alvh.no-ip.org> writes:
> Gregory Stark wrote:
>> Storing your keys on a usb stick (which usually use fat filesystems)
>> isn't really such a crazy idea either.
> Storing a server SSL key on a USB stick is not crazy? I don't follow.
> What use case do you have for that?
It's worth pointing out also that we require server.key to be directly
in the $PGDATA directory, which means that any filesystem limitations on
its permissions info are going to apply to the $PGDATA directory itself.
Curiously enough, the access-permission checks on both $PGDATA and
$PGDATA/server.key are diked out in WIN32 builds, but I consider that
a bug we should fix, not a feature to be extended.
regards, tom lane