Home > mailing lists

Re: Security implications of config-file-location patch - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: Security implications of config-file-location patch
Date	October 8, 2004 08:35:57
Msg-id	200410080435.i984ZnO19629@candle.pha.pa.us Whole thread Raw
In response to	Re: Security implications of config-file-location patch (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Security implications of config-file-location patch
List	pgsql-hackers

Tree view

Tom Lane wrote:
> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > If they are using tablespaces is it OK that anyone can see their
> > location?
> 
> Good point.  Should we obscure pg_tablespace similarly to what we do for
> pg_shadow?

Well, if we feel file locations are better left only visible to
super-users, we should.  However, when managing disk space, aren't
normal users also often interested in which disk drives will store their
data?  I don't see a big value to obscuring pgdata myself.

I suppose one solution would be for administrators to name their
tablespaces after the disk drive names if they want their users will
know the drive names.

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
359-1001+  If your life is a hard drive,     |  13 Roberts Road +  Christ can be your backup.        |  Newtown Square,
Pennsylvania19073

pgsql-hackers by date:

From: Tom Lane
Date: 08 October 2004, 08:28:27
Subject: Re: Security implications of config-file-location patch

From: Gavin Sherry
Date: 08 October 2004, 09:01:42
Subject: Re: SQL-Invoked Procedures for 8.1

Re: Security implications of config-file-location patch - Mailing list pgsql-hackers

Previous

Next