> On 15 Nov 2018, at 22:42, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Further point about that: pg_regress's method of creating a temp
> directory under /tmp is secure only on machines with the stickybit
> set on /tmp; otherwise it's possible for an attacker to rename the
> temp dir out of the way and inject his own socket. We agreed that
> that was an okay risk to take for testing purposes, but I'm much
> less willing to assume that it's okay for production use with
> pg_upgrade.
That’s a good point, it’s not an assumption I’d be comfortable with when it
deals with system upgrades.
cheers ./daniel