> Now there is a bigger problem. pg_pwd is mode rw-rw-rw- because a COPY
> is used to create it. Any ideas how to fix this? Copy sets the
> permissions to this before it creates the file. It temporarily changes
> the umask to create the file. If pg_pwd ever has data in it and it is
> world-readable, it is unsecure.
>
> Anyone have a brilliant idea on a fix?
Well, the data directory itself is protected from anyone other than the postgres
account, so it may not matter as much if an individual file is not right. My (former)
Ingres installation had the directory protected, and then permissions of 777 on all the
directories and files within it as I recall...
We should fix it up to match the protections on other files though...
- Tom
