Home > mailing lists

Re: Security implications of config-file-location patch - Mailing list pgsql-hackers

From	Andrew Dunstan
Subject	Re: Security implications of config-file-location patch
Date	October 8, 2004 06:22:36
Msg-id	4165F9D6.5090909@dunslane.net Whole thread Raw
In response to	Security implications of config-file-location patch (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Security implications of config-file-location patch
List	pgsql-hackers

Tree view


Tom Lane wrote:

>
>I am sort of on the fence about this.  I am thinking that it would be
>good to expose this information, but *only* to superusers.  It would not
>take much code to add a GUC variable flag bit that prevents
>non-superusers from examining the value of the GUC variable, and only a
>little more code to reflect the correct paths into these variables all
>the time.
>
>
>  
>

On the basis that I can't see that anyone but the superuser has a 
legitimate interest in the info, this sounds good.

cheers

andrew

pgsql-hackers by date:

From: Tom Lane
Date: 08 October 2004, 06:09:21
Subject: Security implications of config-file-location patch

From: Reini Urban
Date: 08 October 2004, 06:43:13
Subject: Re: more dirmod CYGWIN

Re: Security implications of config-file-location patch - Mailing list pgsql-hackers

Previous

Next