Lamar Owen <lamar.owen@wgcr.org> writes:
>> Maybe it would be worthwhile to try to force pg_pwd in particular
>> to be written with just mode 600. In the standard configuration that
>> shouldn't make any difference ...
> Hmmm... Can a parameter be passed to COPY giving the file create mode?
Yes, that was what I was thinking of. I need to look at the code and
see how direct the connection is between the code that knows it's
writing pg_pwd and the COPY code --- there might be a lot of layers
between :-(
> Just 'initdb --pglib=/usr/lib/pgsql --pgdata=/var/lib/pgsql'
> /var/lib/pgsql is created during the rpm installation of the server
> rpm -- and I can force that to create mode 0700. HOWEVER, that just
> fixes the symptom -- not the problem.
It looks like if you allow initdb to create the PGDATA directory, it
is correctly created with mode 700. But if the directory already
exists, initdb just uses it with whatever permissions it was made with.
Should initdb complain, or perhaps try to do a chmod() to make things
more secure? Mode 755 is bad enough, but suppose a sloppy admin had
made the directory group- or world-writable... or not even owned by
postgres...
regards, tom lane
