| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Lockfile restart failure is still there :-( |
| Date: | 2005-03-17 23:00:04 |
| Message-ID: | 423A0BF4.8090202@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
>But I evidently didn't
>read the code quite carefully enough: as CreateLockFile() is written,
>it considers an EPERM error from kill() to be reason to treat the
>lockfile as valid.
>
>
I thought that was part of what you were going to address. There can
hardly be an objection now to fixing it.
>I am strongly tempted to add a direct check in checkDataDir() that the
>data directory actually does belong to our own uid, just for paranoia's
>sake. Someone might decide that they could relax the permission check
>("hey, why not let the dbadmin group have write permission on $PGDATA")
>without realizing they'd be weakening the startup safety interlock.
>
>
>
>
I assume that ACLs can't be used to get around the restrictions ...
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Juan Pablo Espino | 2005-03-17 23:08:03 | |
| Previous Message | Tom Lane | 2005-03-17 22:51:25 | Re: depended on table types |