The Hermit Hacker <scrappy(at)hub(dot)org> writes:
> is there any reason why we can't make the permissions on pg_hba.conf 600
> vs 400? the data directory itself is only readable by the 'superuser'...
I think the motivation may have been to prevent an attacker who manages
to connect as superuser from overwriting the pg_hba.conf file with
something more liberal (using backend-side COPY). However, if he's
already managed to connect as superuser, it's difficult to see what
he needs more-liberal connection privileges for.
600 does seem a lot more convenient for the admin. 400 might save
the admin from some simple kinds of human error --- but not if he's
already in the habit of overriding the protection whenever he updates
In short, I agree. Does anyone else see any real security gain from
making it 400?
regards, tom lane
In response to
pgsql-hackers by date
|Next:||From: Tom Lane||Date: 2000-02-01 03:52:37|
|Subject: Re: [HACKERS] freefuncs.c is never called from anywhere!? |
|Previous:||From: Bruce Momjian||Date: 2000-02-01 03:38:02|
|Subject: Re: [HACKERS] Re: Case-folding bogosity in new psql|