Home > mailing lists

Re: BUG #3809: SSL "unsafe" private key permissions bug - Mailing list pgsql-bugs

From	Alvaro Herrera
Subject	Re: BUG #3809: SSL "unsafe" private key permissions bug
Date	December 8, 2007 20:25:26
Msg-id	20071208212507.GC13665@alvh.no-ip.org Whole thread Raw
In response to	Re: BUG #3809: SSL "unsafe" private key permissions bug (Gregory Stark <stark@enterprisedb.com>)
Responses	Re: BUG #3809: SSL "unsafe" private key permissions bug (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-bugs

Tree view

Gregory Stark wrote:

> So for example if the key directory lay on an FAT filesystem which doesn't
> have unix bit per file the only way to satisfy the check would be to mount the
> filesystem with the option to make every file in the filesystem have those
> bits. Storing your keys on a usb stick (which usually use fat filesystems)
> isn't really such a crazy idea either.

Storing a server SSL key on a USB stick is not crazy?  I don't follow.
What use case do you have for that?

--
Alvaro Herrera                 http://www.amazon.com/gp/registry/CTMLCN8V17R4
"La persona que no quería pecar / estaba obligada a sentarse
 en duras y empinadas sillas    / desprovistas, por cierto
 de blandos atenuantes"                          (Patricio Vogel)

pgsql-bugs by date:

From: Gregory Stark
Date: 08 December 2007, 20:09:12
Subject: Re: BUG #3809: SSL "unsafe" private key permissions bug

From: Tom Lane
Date: 08 December 2007, 20:25:31
Subject: Re: [HACKERS] BUG #3799: csvlog skips some logs

Re: BUG #3809: SSL "unsafe" private key permissions bug - Mailing list pgsql-bugs

Previous

Next