On Fri, Aug 19, 2005 at 08:03:39AM -0700, Stephan Szabo wrote:
> On Fri, 19 Aug 2005, Bernard wrote:
> > But we can take this one step further so that we don't even need to
> > trust ourselves:
> > The logical next step is that for a non-postgresql-superuser user,
> > COPY FROM files have to be world-readable and COPY TO files and
> > directories have to be world-writable. The server checks the file
> > attributes and grants copy permission depending on them. Obviously any
> > Postrgres system files must not be world-readable and world-writable.
> > Problem solved. One doesn't need to be a genius to figure this out.
> No, it's not solved. It prevents that problem for the configuration
> files, but still gives access to other world readable files on the system
> for example /etc/passwd on many systems (yes it's not terribly interesting
> in general, but still is often not acceptable to retrieve).
> You'd probably want to add the ability to setup which directories that are
> allowed to be read or written to as configuration separately from unix
> file permissions.
FWIW, this is exactly what Oracle does. A DBA has to configure what
directories you can bulk copy to/from.
Jim C. Nasby, Sr. Engineering Consultant jnasby(at)pervasive(dot)com
Pervasive Software http://pervasive.com 512-569-9461
In response to
pgsql-bugs by date
|Next:||From: Michael Fuhr||Date: 2005-08-20 03:03:48|
|Subject: Re: BUG #1831: plperl gives error after reconnect.|
|Previous:||From: Tom Lane||Date: 2005-08-19 18:40:20|
|Subject: Re: Operator "=" not unicode-safe? |
pgsql-general by date
|Next:||From: Nugroho Laison||Date: 2005-08-19 22:01:38|
|Subject: Beginner - Help for pgsql 8.0.3 win32 platform|
|Previous:||From: Carlos Oliva||Date: 2005-08-19 20:35:59|
|Subject: Re: Installing soundex, metaphone, lenshtein|