Hi guys,
Quick question. I'm getting the feeling these changes will impact any
company which would like to have one installation of the binaries on
their servers, but which run several instances of these binaries from
the one location.
i.e.
/opt/pgsql/7.2 <-- installed program
/data1 <-- data dir and config files
/data2 <-- data dir and config files
/data3 <-- data dir and config files
<etc>
pg_ctl start -D /data1
pg_ctl start -D /data2
pg_ctl start -D /data3
:-)
Regards and best wishes,
Justin Clift
Tom Lane wrote:
>
> Peter Eisentraut <peter_e@gmx.net> writes:
> > So the premise is that in theory any file can live anywhere. And the
> > access permissions of a file are solely controlled by its own permission
> > bits and ownership, not what directory it may live in. Ultimately, the
> > former way is more secure.
>
> <<itch>> I guess my thoughts on this are colored by bad experience with
> tools that are sloppy about preserving ownership/permissions on edited
> files. (I can recall being burnt this way by both Emacs and HP's "SAM"
> admin tool. Perhaps recent versions don't have those bugs anymore.)
> I am not at all convinced that "the former way is more secure" in
> reality, even if it's cleaner in theory.
>
> Can't we do both? If the default setup is to put config files in
> a Postgres-specific directory, then let's make the default arrangement
> be that that directory is Postgres-owned, mode 700, *and* the config
> files are Postgres-owned and mode 600. Anyone who wants to back off
> from that is welcome to take responsibility for any security holes
> they've created.
>
> > 2. Make sure the user account you created in step 1 can read the
> > configuration files. There are a few ways to make this happen:
>
> > a. Make the configuration files world-readable.
>
> I'd prefer you not recommend that at all, and certainly not as the
> first alternative.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo@postgresql.org so that your
> message can get through to the mailing list cleanly
--
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there." - Indira Gandhi