Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all" - Mailing list pgsql-general

From David G. Johnston
Subject Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"
Msg-id CAKFQuwaN-6S8hH3nQq9fDJHEeeGnh9qA_6JV2Rr8zAp2VY5CPw@mail.gmail.com
In response to Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"  ("David G. Johnston" <david.g.johnston@gmail.com>)
Responses Re: Putting the O/S user for "local" "peer" authentication in the "postgres" group vs chmod'ing the "pg*.conf" files to be readable by "all"  (Bryn Llewellyn <bryn@yugabyte.com>)
List pgsql-general
On Tue, Nov 1, 2022 at 1:39 PM David G. Johnston <david.g.johnston@gmail.com> wrote:
On Tue, Nov 1, 2022 at 1:20 PM Bryn Llewellyn <bryn@yugabyte.com> wrote:

All this leads to an obvious question:

«
Given that all of the config files have been made readable by "group" (in contrast to the regime for the data files), what is the intention of this design? In other words, when is it proper to put an O/S user in the "postgres" group? After all, if the answer is "never" then no privileges on "postgres/postgres" files would ever have been granted to "group".
»


I think the intent of the design is for the custom Debian wrapper scripts to be able to read the configuration files for the named version "11" and configuration "main" to find out where certain things like the socket file are being written to.  The argument being the configuration files don't actually contain secret data so reading shouldn't be an issue and can be useful.  Obviously the same does not apply to data files.  On that basis it would indeed make more sense to grant read to "all" rather than try and add users to "postgres" to make the reading of the configuration files work.


Also, per the initdb documentation:

    For security reasons the new cluster created by <command>initdb</command>
    will only be accessible by the cluster user by default.  The
    <option>--allow-group-access</option> option allows any user in the same
    group as the cluster owner to read files in the cluster.  This is useful
    for performing backups as a non-privileged user.

David J.
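
Whether a user reaches a config or data file through the "postgres" group or through "all" depends on the mode bits of every directory on the path, not only on the file itself. The Python script below is an added example, not code from this thread or from the Debian packaging; the directory layout and modes are constructed sample values, and effective_read_scope and build_sample_tree are hypothetical names.

```python
import os
import stat
import tempfile

RANK = {"owner": 0, "group": 1, "all": 2}

def _scope(mode, group_bit, other_bit):
    # Simplification: a bit granted to "other" but not "group" counts as "all".
    if mode & other_bit:
        return "all"
    return "group" if mode & group_bit else "owner"

def effective_read_scope(root, relpath):
    """Widest class that can read root/relpath, judged from mode bits alone.
    Needs search (x) on every directory below root and read (r) on the file.
    Assumes one owner and group for the whole path; ACLs are ignored."""
    parts = relpath.split("/")
    scopes, current = [], root
    for i, part in enumerate(parts):
        current = os.path.join(current, part)
        mode = stat.S_IMODE(os.stat(current).st_mode)
        is_dir = i < len(parts) - 1
        scopes.append(_scope(mode, stat.S_IXGRP, stat.S_IXOTH) if is_dir
                      else _scope(mode, stat.S_IRGRP, stat.S_IROTH))
    return min(scopes, key=RANK.get)  # the narrowest component decides

def build_sample_tree():
    """Constructed layout; modes are sample values, not read from a real host."""
    root = tempfile.mkdtemp()
    layout = {  # relative path -> (directory mode, file mode)
        "etc/postgresql/11/main/pg_hba.conf": (0o755, 0o640),
        "data_default/PG_VERSION": (0o700, 0o600),  # initdb default
        "data_group/PG_VERSION": (0o750, 0o640),    # --allow-group-access
    }
    for rel, (dmode, fmode) in layout.items():
        path = os.path.join(root, rel)
        d = os.path.dirname(path)
        os.makedirs(d, exist_ok=True)
        while d != root:  # apply the mode to every directory just created
            os.chmod(d, dmode)
            d = os.path.dirname(d)
        open(path, "w").close()
        os.chmod(path, fmode)
    return root

if __name__ == "__main__":
    root = build_sample_tree()
    for rel in ("etc/postgresql/11/main/pg_hba.conf",
                "data_default/PG_VERSION", "data_group/PG_VERSION"):
        print(rel, "->", effective_read_scope(root, rel))
```

Changing the sample pg_hba.conf to 0644 widens its scope from "group" to "all" only while every parent directory stays searchable by others; a 0750 directory above it keeps the effective scope at "group".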
