Re: SSL Mode

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Radoslaw Stachowiak <radek(at)alter(dot)pl>
Cc: postgresql <pgsql-admin(at)postgresql(dot)org>
Subject: Re: SSL Mode
Date: 2002-12-23 19:45:59
Message-ID: 7297.1040672759@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Radoslaw Stachowiak <radek(at)alter(dot)pl> writes:
> and one more suggestion, as this feature is a little bit to strong IMHO.

> Common practice for such files (private keys) is to make them owned by
> root user and postgres group with 640 mode.

I don't think that's either common practice or a good idea. For one
thing, it presumes that there *is* a postgres group; which is not a
requirement we ever had before. For another, root can read or write the
file if she chooses regardless of ownership or permissions, so it's not
like doing it that way gains anything.

As a counterexample, on a setup like mine (HP-UX), all normal users are
members of group "users" and so group readability is not much safer than
world readability. If Postgres neglected to complain about mode 640
then there'd be little point in having a file-security check at all, on
this system.

IMHO the existing check is just fine, although the complaint message
could be a lot more specific (it looks to me like three distinctly
different sanity checks are being folded into one error message :-().

regards, tom lane

In response to

  • Re: SSL Mode at 2002-12-23 18:59:11 from Radoslaw Stachowiak

Responses

  • Re: SSL Mode at 2002-12-23 20:36:48 from Radoslaw Stachowiak

Browse pgsql-admin by date

  From Date Subject
Next Message Radoslaw Stachowiak 2002-12-23 20:36:48 Re: SSL Mode
Previous Message Tom Lane 2002-12-23 19:31:47 Re: locking a table