| From: | Thomas Lockhart <lockhart(at)fourpalms(dot)org> |
|---|---|
| To: | murphy pope <pope_murphy(at)hotmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Why is ALLOW_ABSOLUTE_DBPATHS unsafe? |
| Date: | 2002-05-13 14:42:35 |
| Message-ID: | 3CDFD0DB.F5B132E9@fourpalms.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
> Maybe I'm just not devious enough, but I can't figure out what the risks
> are. Can anyone enlighten me?
Security issues include allowing non-privileged users access to
uncontrolled areas of storage. A devious non-privileged user might be
able to execute privileged code or otherwise mess around with data.
Data integrity issues include having the DBA lose control over *where*
data in the database is actually located. If a user decides to configure
some tables under /tmp, the DBA will have no way of knowing and will
have no opportunity to help plan the data storage strategy for his
system.
> Also, why are relative DB paths completely disallowed. I can see that you
> would have to store the location relative to the cluster's path, but I must
> be missing something here too. Thanks for any ideas.
Same reasons as above.
Database designers and administrators tend to be a suspicious and
paranoid lot. If you don't start out that way, losing data the first
time will make you so ;)
hth
- Thomas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Berndtsson | 2002-05-13 14:45:43 | Re: Serious environment problem with 7.2 on Solaris |
| Previous Message | Martijn van Oosterhout | 2002-05-13 14:24:25 | Re: Use of OIDS as primary keys |