Additional "Creating a Cluster" Guidance for Windows Users

From: "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>
To: Pg Docs <pgsql-docs(at)lists(dot)postgresql(dot)org>
Subject: Additional "Creating a Cluster" Guidance for Windows Users
Date: 2019-05-12 16:28:47
Message-ID: 5e25223c-700d-3559-a7af-cf15941b093d@postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-docs

Hi,

Per the last update release[1] I was going through some of our
documentation around creating clusters and noticed that we may want to
provide a bit more guidance around creating clusters on Windows:

https://www.postgresql.org/docs/current/creating-cluster.html

i.e.:

"Because the data directory contains all the data stored in the
database, it is essential that it be secured from unauthorized access.
initdb therefore revokes access permissions from everyone but the
PostgreSQL user, and optionally, group."

However, this does not explicitly state that initdb performs this
revocation only for *non-Windows systems* -- to lock down the data
directory after an initdb run on a Windows system, it requires manual
intervention.

I've attached a patch that explicitly states the above. I wrapped the
guidance in a "Warning" box given the data directory is exposed if not
locked down properly.

I would also recommend this is backpatched to 9.4. If in agreement on
the above methodology + wording, I can generate the backpatches.

Thanks,

Jonathan

[1] https://www.postgresql.org/about/news/1939/

Attachment Content-Type Size
initdb-win-v1.patch text/plain 1.4 KB

Browse pgsql-docs by date

  From Date Subject
Next Message Peter Eisentraut 2019-05-14 13:57:59 Re: SQL-2016 in docs
Previous Message Oleg Bartunov 2019-05-12 08:14:14 SQL-2016 in docs