Tom Lane writes:
> Can't we do both? If the default setup is to put config files in
> a Postgres-specific directory, then let's make the default arrangement
> be that that directory is Postgres-owned, mode 700, *and* the config
> files are Postgres-owned and mode 600.
The problem with this is that the PostgreSQL-specific configuration file
directory may be used by programs other than the server. E.g., the ODBC
driver puts stuff in there. In some future life there may be a global
psqlrc file or the JDBC driver may have a global properties file (don't
know if that just made sense). So we'd have to make a subdirectory, say
"server" (or "secure" or "secret" ...). Seems a bit ugly.
Moreover, I don't know if we can make permission changes on directories
during installation (make install). (Read "can" as: ought to, while
staying within the vague confines of open-source software build system
standards.) For all we know, the directory may already be there and the
installer told us to reuse it.
How is the situation on the broken editors these days? We might just want
to put a note on the top of each critical file
# Make sure this file is not readable by anyone except you.
# If you edit it, make sure your editor does not change the permissions on
# this file.
# If in doubt, execute chmod go-a filename.
--
Peter Eisentraut peter_e@gmx.net