Re: pg_upgrade using appname to lock out other users

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: pg_upgrade using appname to lock out other users
Date: 2011-06-15 21:50:15
Message-ID: 28881.1308174615@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Bruce Momjian <bruce(at)momjian(dot)us> writes:
> Peter Eisentraut wrote:
>> On non-Windows servers you could get this even safer by disabling the
>> TCP/IP socket altogether, and placing the Unix-domain socket in a
>> private temporary directory. The "port" wouldn't actually matter then.

> Yes, it would be nice to just create the socket in the current
> directory. The fact it doesn't work on Windows would cause our docs to
> have to differ for Windows, which seems unfortunate.

It still wouldn't be bulletproof against someone running as the postgres
user, so probably not worth the trouble.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Simon Riggs 2011-06-15 21:54:56 Re: FK NOT VALID can't be deferrable?
Previous Message Simon Riggs 2011-06-15 21:46:26 Re: FK NOT VALID can't be deferrable?