Home > mailing lists

Re: heads up -- subtle change of behavior of new initdb - Mailing list pgsql-hackers

From	Greg Stark
Subject	Re: heads up -- subtle change of behavior of new initdb
Date	November 14, 2003 15:11:09
Msg-id	871xsbnd6v.fsf@stark.dyndns.tv Whole thread Raw
In response to	Re: heads up -- subtle change of behavior of new initdb (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: heads up -- subtle change of behavior of new initdb (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Peter Eisentraut <peter_e@gmx.net> writes:

> Greg Stark writes:
> 
> > Wouldn't at least 0750 be safe? That way putting a user in the postgres group
> > would grant him access to be able to browse around and read the files in
> > pg_data.
> 
> That assumes that there is a restricted postgres group, which is not
> guaranteed.

Well the current setup assumes the admin hasn't leaked the root password too.

I'm not suggesting making that the default setup, just loosening the paranoia
check so that if an admin sets the directory to be group readable the database
doesn't refuse to start up.

-- 
greg

pgsql-hackers by date:

From: Robert Treat
Date: 14 November 2003, 15:08:26
Subject: Re: cvs head? initdb?

From: Jan Wieck
Date: 14 November 2003, 15:42:04
Subject: Re: Background writer process

Re: heads up -- subtle change of behavior of new initdb - Mailing list pgsql-hackers

Previous

Next