Home > mailing lists

Re: current_logfiles not following group access and instead follows log_file_mode permissions - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: current_logfiles not following group access and instead follows log_file_mode permissions
Date	January 15, 2019 18:53:30
Msg-id	29225.1547567610@sss.pgh.pa.us Whole thread Raw
In response to	Re: current_logfiles not following group access and instead follows log_file_mode permissions (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: current_logfiles not following group access and instead followslog_file_mode permissions (Michael Paquier <michael@paquier.xyz>)
List	pgsql-hackers

Tree view

I wrote:
> Haribabu Kommi <kommi.haribabu@gmail.com> writes:
>> Excluding the file in the backup can solve the problem of backup by an
>> unprivileged user. Is there any scenarios it can cause problems if it
>> doesn't follow the group access mode?

> The point of this file, as I understood it, was to allow someone who's
> allowed to read the log files to find out which one is the latest.  It
> makes zero sense for it to have different permissions from the log files,
> because doing that would break its only use-case.

On reflection, maybe the problem is not that we're giving the file
the wrong permissions, but that we're putting it in the wrong place?
That is, seems like it should be in the logfile directory not the
data directory.  That would certainly simplify the intended use-case,
and it would fix this complaint too.

            regards, tom lane

pgsql-hackers by date:

From: Darafei "Komяpa" Praliaskouski
Date: 15 January 2019, 18:17:59
Subject: Re: [HACKERS] COPY FREEZE and PD_ALL_VISIBLE

From: Maksim Milyutin
Date: 15 January 2019, 19:40:12
Subject: Re: O_DIRECT for relations and SLRUs (Prototype)

Re: current_logfiles not following group access and instead follows log_file_mode permissions - Mailing list pgsql-hackers

Previous

Next