Re: help for:FATAL 1: configuration file `postgresql.conf' has wrong permissions - Mailing list pgsql-bugs

From Peter Eisentraut
Subject Re: help for:FATAL 1: configuration file `postgresql.conf' has wrong permissions
Date
Msg-id Pine.LNX.4.30.0108060013470.11162-100000@peter.localdomain
Whole thread Raw
In response to Re: help for:FATAL 1: configuration file `postgresql.conf' has wrong permissions  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: help for:FATAL 1: configuration file `postgresql.conf' has wrong permissions
List pgsql-bugs
Tom Lane writes:

> A look at the source code shows it wants 744 or less.
>
> This is probably overly restrictive; in fact, I would argue that there
> should be no such check at all.  We do not do runtime checks for
> permissions on any other files, and some of them are far more sensitive
> than postgresql.conf (password files for example).  Peter, what is the
> rationale for having this check?

Security on a module basis perhaps (a.k.a. paranoia)?  I could agree on
moving that check to $PGDATA but I feel it needs to be there.  At least
one user was going to get into trouble here.

--
Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter

pgsql-bugs by date:

Previous
From: Tom Lane
Date:
Subject: Re: alloc error on multiple action-queries within a rule
Next
From: Tom Lane
Date:
Subject: Re: help for:FATAL 1: configuration file `postgresql.conf' has wrong permissions