Re: OpenBSD Trusted Path Execution (TPE) compatibility? - Mailing list pgsql-general

From Peter Eisentraut
Subject Re: OpenBSD Trusted Path Execution (TPE) compatibility?
Date
Msg-id Pine.LNX.4.30.0107052151500.677-100000@peter.localdomain
Whole thread Raw
In response to OpenBSD Trusted Path Execution (TPE) compatibility?  (Joshua Jore <moomonk@daisy-chan.org>)
Responses Re: OpenBSD Trusted Path Execution (TPE) compatibility?
List pgsql-general
Joshua Jore writes:

> Prevent execution of binaries that are in directories not owned by root
> Prevents interpreters from reading from STDIN
> Protect most proc info and *stat stuff
> Strips LD_PRELOAD and LD_LIBRARY_PATH
>
> Is there any reason that PostgreSQL or postmaster would have a problem
> with this

You might have trouble with the second item if you're using passwords,
since those have to come from stdin somehow.  But your description is too
vague to tell.  The others shouldn't pose any problems.

--
Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter


pgsql-general by date:

Previous
From: jdassen@cistron.nl (J.H.M. Dassen (Ray))
Date:
Subject: Re: Red Hat to support PostgreSQL
Next
From: Allan Engelhardt
Date:
Subject: Re: query optimizer questions