Re: Permission Denied When i am Trying to take Backup

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Stefan Huber <looseleaf(at)gmx(dot)net>
Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-admin(at)postgresql(dot)org
Subject: Re: Permission Denied When i am Trying to take Backup
Date: 2001-10-12 17:27:04
Message-ID: 27295.1002907624@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Stefan Huber <looseleaf(at)gmx(dot)net> writes:
> Well, this might be true, if you are on a system, where more than one
> humans are operating. Or are there some other reasons behind this philosophy?

The idea is that the executables shouldn't be writable by the postgres
user. That way, even if some db user manages to break into your
database superuser account, the amount of damage he can do is limited.
This has got nothing to do with whether your server system has other
people on it: as long as someone can connect as superuser, they can
cause the backend to scribble on any file that's writable by postgres.

$PGDATA and the files and directories under it need to be owned/writable
by the postgres user, but there's no reason for the rest of the
installation (bin, lib, share, etc) to be writable by the postgres user.
So doing "make install" as root and "initdb" as postgres sets you up
more securely than doing the install as postgres.

regards, tom lane

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Bruce Momjian 2001-10-12 17:27:57 Re: reteptools.jar
Previous Message Tom Lane 2001-10-12 15:29:26 Re: Alter column / array