On Sun, Dec 23, 2007 at 02:52:28PM -0500, Tom Lane wrote:
> Gregory Stark <stark@enterprisedb.com> writes:
> > Bruce summarized the problem pretty well when he said that if Postgres
> > is being run as a non-root user then one non-root user's "postgres" is
> > as good as any other non-root user's "postgres".
>
> "Problem"? What we mustn't lose sight of is that that's not a bug but
> a feature. It would be completely inappropriate for us as upstream to
> destroy that property, and my fundamental objection to what Debian
> has done is that they've destroyed that property at the distro level.
>
> I have no problem with the admin for a single installation putting in
> things that prevent there being more than one postmaster on that
> machine. I just say that software distribution time is not the place
> for such restrictions.
The default postgresql.conf in Debian contains a line like this:
unix_socket_directory = '/var/run/postgresql'
I don't understand what restriction you mean. What was changed is the
default location of the unix domain socket. If you still want it in
/tmp, you can put it there.
I think there are basicly two reasons to move it:
- It's insecure, as this thread shows
- The FHS says the they should be placed in /var/run/, probably for the first reason.
Kurt
