| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Zeugswetter Andreas DAZ SD" <ZeugswetterA(at)spardat(dot)at> |
| Cc: | "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Andrew Dunstan" <andrew(at)dunslane(dot)net>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Security implications of config-file-location patch |
| Date: | 2004-10-08 14:18:48 |
| Message-ID: | 12127.1097245128@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
"Zeugswetter Andreas DAZ SD" <ZeugswetterA(at)spardat(dot)at> writes:
>> Good point. Should we obscure pg_tablespace similarly to
>> what we do for pg_shadow?
> Hmm, I can not see how a person with file access could not easily find the
> file for a specific table without pg_tablespace anyway (since oid names will
> be quite unique). Without file access, what malicious act is he going to do
> with that info ?
> I think hiding that info would not really be safer, thus not worth it.
Do you also feel that there's no need to hide the values of the GUC
variables pgdata etc?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2004-10-08 14:34:11 | Problem with CIDR data type restrictions |
| Previous Message | Euler Taveira de Oliveira | 2004-10-08 13:25:39 | Re: initdb crash |