En Wed, 28 Aug 2002 17:33:34 -0400 (EDT)
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> escribió:
> Alvaro Herrera wrote:
> > Bruce Momjian dijo:
> > > Tom Lane wrote:
> > > > If you want to put in security restrictions that are actually useful,
> > > > where is the code to verify that PGPASSWORDFILE points at a
> > > > non-world-readable file? That needs to be there now, not later, or
> > > > we'll have people moaning about backward compatibility when we finally
> > > > do plug that hole.
> > >
> > > Agreed.
> > Point taken, will look into it later.
> Here is some code from postmaster.c that may help:
Thank you. Patch attached. Note that it also checks group access; I think
that is desired as well.
Alvaro Herrera (<alvherre[a]atentus.com>)
"Cuando mañana llegue pelearemos segun lo que mañana exija" (Mowgli)
In response to
pgsql-patches by date
|Next:||From: Tom Lane||Date: 2002-08-29 05:22:14|
|Subject: Re: small mistakes in func.sgml |
|Previous:||From: Tom Lane||Date: 2002-08-29 01:50:41|
|Subject: Re: Concern about memory management with SRFs |
pgsql-general by date
|Next:||From: Andy Samuel||Date: 2002-08-29 02:58:43|
|Subject: Re: [Pgreplication-general] Master/Slave is in town!|
|Previous:||From: Martijn van Oosterhout||Date: 2002-08-28 23:18:14|
|Subject: Re: Naming-scheme for db-files|