Home > mailing lists

Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS) - Mailing list pgsql-general

From	Tom Lane
Subject	Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)
Date	July 17 08:14:33
Msg-id	1344583.1752729273@sss.pgh.pa.us Whole thread Raw
In response to	Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS) (Amol Inamdar <amol.aai@gmail.com>)
List	pgsql-general

Tree view

Amol Inamdar <amol.aai@gmail.com> writes:
> @Laurenz Albe <laurenz.albe@cybertec.at>
>> If you pre-create the data directory with the appropriate permissions,
>> what keeps you from giving ownership to the correct user too?

> Our NFS server is not a regular linux based server,
> it's on zOS (Mainframes) with AT-TLS security enabled,
> hence it doesn't allow changing of ownership.

Not only is that not a fit storage substrate for Postgres,
it's pretty hard to imagine that it's a fit substrate for
anything.  "Every file on this filesystem must belong to the
same owner" is a concept that should have gone out with
floppy disks.

You need some extremely fundamental re-examination of your
design decisions.  At the moment I am content to say that
Postgres does not support this storage mechanism and we
do not intend to do so in the future.

            regards, tom lane

pgsql-general by date:

From: Amol Inamdar
Date: 17 July, 07:52:37
Subject: Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)

From: Ron Johnson
Date: 17 July, 16:13:15
Subject: Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS)

Re: Bypassing Directory Ownership Check in PostgreSQL 16.6 with Secure z/OS NFS (AT-TLS) - Mailing list pgsql-general

Previous

Next