Tom Lane writes:
> A look at the source code shows it wants 744 or less.
>
> This is probably overly restrictive; in fact, I would argue that there
> should be no such check at all. We do not do runtime checks for
> permissions on any other files, and some of them are far more sensitive
> than postgresql.conf (password files for example). Peter, what is the
> rationale for having this check?
Security on a module basis perhaps (a.k.a. paranoia)? I could agree on
moving that check to $PGDATA but I feel it needs to be there. At least
one user was going to get into trouble here.
--
Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter