Home > mailing lists

Re: Improved security for https://www.postgresql.org/docs/current/install-make.html - Mailing list pgsql-docs

From	Peter Eisentraut
Subject	Re: Improved security for https://www.postgresql.org/docs/current/install-make.html
Date	November 11 21:32:55
Msg-id	19968047-83d1-4582-af56-cf4ddfc25c2e@eisentraut.org Whole thread Raw
In response to	Improved security for https://www.postgresql.org/docs/current/install-make.html (PG Doc comments form <noreply@postgresql.org>)
Responses	Re: Improved security for https://www.postgresql.org/docs/current/install-make.html
List	pgsql-docs

Tree view

On 06.11.24 22:58, PG Doc comments form wrote:
> The 'short' script can then be rewritten as
> 
> ```
> # work done as a regular user
> ./configure
> make build
> 
> # work that requires ROOT access
> su
> mkdir /usr/local/pgsql/data
> chown (current user):(current group) /usr/local/pgsql
> adduser --system --group postgres
> exit
> 
> # work that requires POSTGRES access
> su -u postgres
> make install installdirs
> exit

We don't want the installed files to be owned by postgres.  That would 
mean that a compromised PostgreSQL server (running as "postgres") could 
overwrite its own installation files.  You don't have to use "root" for 
the installation, of course, but it should be separate from "postgres".

pgsql-docs by date:

From: "David G. Johnston"
Date: 11 November, 19:39:31
Subject: Re: Documentation error in tutorial page for Window Functions

From: Alvaro Herrera
Date: 12 November, 14:45:12
Subject: Re: CREATE UNIQUE INDEX name ON table (column [, ...]) [ NULLS [ NOT ] DISTINCT ];

Re: Improved security for https://www.postgresql.org/docs/current/install-make.html - Mailing list pgsql-docs

Previous

Next