Re: [HACKERS] Connection to PostgreSQL Using Certificate: Wrong Permissions on Private Key File

> Now libpq doesn't have any provision for DETAIL or HINT in its
> locally-generated messages at the moment, so we can't just duplicate
> the backend message, but we could do something like this example
> from elsewhere in libpq:
>
>     if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))
>     {
>         fprintf(stderr,
>                 libpq_gettext("WARNING: password file \"%s\" has world or group read access; permission should be
u=rw(0600)\n"), 
>                 pgpassfile);
>         return NULL;
>     }
>
Hmmm... I'm not crazy about libpq printing error messages to stderr.
The client application can't intercept those messages. And those
messages will often get lost - many client applications don't have
useful stderr streams (think GUI application on Win32).

          -- Korry

--

  Korry Douglas  <korryd@enterprisedb.com>
  EnterpriseDB    http://www.enterprisedb.com