Re: Improved security for https://www.postgresql.org/docs/current/install-make.html

From: Bear Giles <bgiles(at)coyotesong(dot)com>
To: Peter Eisentraut <peter(at)eisentraut(dot)org>
Cc: pgsql-docs(at)lists(dot)postgresql(dot)org
Subject: Re: Improved security for https://www.postgresql.org/docs/current/install-make.html
Date: 2024-11-12 21:50:11
Message-ID: CALBNtw69sj1dDrvmjpS_eG8TSCupF-1XHm6od8ugNNqWbcNw3Q@mail.gmail.com
Lists: pgsql-docs

You'll want to update the existing page then! :-)

My point was mostly that I did a fresh 'git clone', followed the
instructions, and was immediately hit by a "permission denied" error
because the make script tried to create a directory under /usr/local. It
wasn't clear whether that was the only thing that required root access. The
script I provided was one approach, but it can be greatly simplified if all
that's required is creating the directory and changing its ownership prior
to running the 'make install'.

(I still think it's a Good Idea to separate compilation and
deployment/'installation' but that's a separate issue.)

Bear

On Mon, Nov 11, 2024 at 8:32 AM Peter Eisentraut <peter(at)eisentraut(dot)org>
wrote:

> On 06.11.24 22:58, PG Doc comments form wrote:
> > The 'short' script can then be rewritten as
> >
> > ```
> > # work done as a regular user
> > ./configure
> > make build
> >
> > # work that requires ROOT access
> > su
> > mkdir /usr/local/pgsql/data
> > chown (current user):(current group) /usr/local/pgsql
> > adduser --system --group postgres
> > exit
> >
> > # work that requires POSTGRES access
> > su -u postgres
> > make install installdirs
> > exit
> > ```
>
> We don't want the installed files to be owned by postgres. That would
> mean that a compromised PostgreSQL server (running as "postgres") could
> overwrite its own installation files. You don't have to use "root" for
> the installation, of course, but it should be separate from "postgres".
>
>
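
Added example, not part of the thread and not PostgreSQL project code: a check for the ownership rule stated in the quoted reply, listing paths under an install prefix that the server account could overwrite. The function name `audit_prefix` is hypothetical, and the default data directory `PREFIX/data` is an assumption taken from the `/usr/local/pgsql/data` layout in the quoted script.

```shell
#!/bin/sh
# Added example: audit an install prefix for files the server account
# could overwrite. audit_prefix is a hypothetical helper name.
#
# usage: audit_prefix PREFIX SERVICE_USER [DATADIR]
#   PREFIX        install tree, e.g. /usr/local/pgsql
#   SERVICE_USER  account the server runs as (name or numeric uid)
#   DATADIR       data directory to skip; it must be owned by the
#                 service account. Assumed default: PREFIX/data
#
# Prints each path outside DATADIR that is owned by SERVICE_USER or is
# world-writable. Returns 0 if clean, 1 on findings, 2 on bad arguments.
# Group write permission is not examined here.
audit_prefix() {
    prefix=$1
    svc=$2
    if [ -z "$prefix" ] || [ -z "$svc" ] || [ ! -d "$prefix" ]; then
        echo "usage: audit_prefix PREFIX SERVICE_USER [DATADIR]" >&2
        return 2
    fi
    datadir=${3:-$prefix/data}

    # Prune the data directory, then report anything owned by the
    # service account or writable by everyone (symlink modes ignored).
    findings=$(find "$prefix" -path "$datadir" -prune -o \
        \( -user "$svc" -o \( ! -type l -perm -0002 \) \) -print) || :

    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Run as `audit_prefix /usr/local/pgsql postgres`; any output means the installation is not separated from the account the server runs as.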
