| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: pg_upgrade using appname to lock out other users |
| Date: | 2011-06-17 20:03:08 |
| Message-ID: | 1308340988.16852.8.camel@vanquo.pezone.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On ons, 2011-06-15 at 17:50 -0400, Tom Lane wrote:
> Bruce Momjian <bruce(at)momjian(dot)us> writes:
> > Peter Eisentraut wrote:
> >> On non-Windows servers you could get this even safer by disabling the
> >> TCP/IP socket altogether, and placing the Unix-domain socket in a
> >> private temporary directory. The "port" wouldn't actually matter then.
>
> > Yes, it would be nice to just create the socket in the current
> > directory. The fact it doesn't work on Windows would cause our docs to
> > have to differ for Windows, which seems unfortunate.
>
> It still wouldn't be bulletproof against someone running as the postgres
> user, so probably not worth the trouble.
But the postgres user would normally be the DBA itself, so it'd be his
own fault. I don't see how you can easily make any process safe from
interference by the same user account.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2011-06-17 20:05:07 | Re: possible connection leak in dblink? |
| Previous Message | Jim Nasby | 2011-06-17 20:00:37 | Re: procpid? |