| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Summary of new configuration file and data directory locations |
| Date: | 2002-02-07 19:40:18 |
| Message-ID: | 15132.1013110818@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Tom Lane wrote:
>> This strikes me as a fairly BAD idea because of the security
>> implications of keeping these things in a world-accessible directory.
> I assumed sysconfdir was _not_ going to be world-accessable. Does it
> have to be?
Peter mentioned /etc as a plausible value of sysconfdir. I don't think
we should assume that it is a postgresql-only directory. Moreover,
there is little point in making these files root-owned (as he also
suggested) if they live in a postgres-owned directory; yet unless they
do, we can't use restrictive directory permissions.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2002-02-07 19:49:07 | Re: Summary of new configuration file and data directory locations |
| Previous Message | Dann Corbit | 2002-02-07 19:26:55 | Re: JOINs ... how I hate them ... |