Re: BUG #2088: logfiles only readable by instance owner

From: "Jim C(dot) Nasby" <jim(at)nasby(dot)net>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Dick Snippe <Dick(dot)Snippe(at)tech(dot)omroep(dot)nl>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #2088: logfiles only readable by instance owner
Date: 2005-12-02 20:11:06
Message-ID: 20051202201105.GS13642@nasby.net
Lists: pgsql-bugs

On Fri, Dec 02, 2005 at 12:59:17PM -0500, Bruce Momjian wrote:
> Dick Snippe wrote:
> > On Fri, Dec 02, 2005 at 12:30:17AM -0500, Tom Lane wrote:
> >
> > > "Dick Snippe" <Dick(dot)Snippe(at)tech(dot)omroep(dot)nl> writes:
> > > > setting umask 077 makes sense for the data files, but not per se for the
> > > > logfile.
> > >
> > > The logfile typically contains data just as sensitive as the data files,
> >
> > true.
> >
> > > so I disagree.
> >
> > we run postgresql as a database engine behind a number of websites.
> > Typically all the data in the database is public data. It would be very
> > nice if there was a method of letting our developers _read_ the logfile,
> > without giving them _write_ access to the data files.
> >
> > What's wrong with making this configurable?
>
> We can't add every feature that people ask for or our software would be
> unusable. If your log files recycle at midnight, can't you run a cron
> job to chmod it? I suppose if you can find other users who would like
> to set the mode flags on the file, we can add it.

Would it be possible to rely on setting umask in the shell instead of
hardcoding 077? I guess that would end up being dependent on different
startup scripts though, so it's probably not a good idea.

An alternative is to just use syslog. Or I believe you could use a
log-rotation program that allows you to define permissions and tell
PostgreSQL not to rotate.
--
Jim C. Nasby, Sr. Engineering Consultant jnasby(at)pervasive(dot)com
Pervasive Software http://pervasive.com work: 512-231-6117
vcard: http://jim.nasby.net/pervasive.vcf cell: 512-569-9461
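
The cron-job approach suggested in the quoted reply, as an added example that is not part of the original message or of PostgreSQL: a script that gives one group read-only access to rotated log files without touching anything else. It assumes the logs are `*.log` files in a dedicated directory outside the data directory; the directory path, script path and group name are hypothetical.

```sh
#!/bin/sh
# Added example, not from the thread. Assumptions: the server writes *.log
# files with mode 0600 (umask 077) into a dedicated log directory outside
# the data directory; the directory path and group name are hypothetical.
# Example crontab entry, shortly after a midnight rotation:
#   5 0 * * * /usr/local/bin/pg-log-perms /var/log/pgsql pgdevs

# grant_log_read LOGDIR GROUP
# Gives GROUP read-only access to the logs and prints how many files changed.
# Run as root, or as the file owner if that account is a member of GROUP.
grant_log_read() {
    logdir=$1
    group=$2

    # Refuse a missing or symlinked directory so the job cannot be pointed
    # at the data files by replacing the path.
    if [ -L "$logdir" ] || [ ! -d "$logdir" ]; then
        echo "grant_log_read: $logdir is not a real directory" >&2
        return 1
    fi

    # The group may list and enter the directory but not create or delete.
    chgrp "$group" "$logdir" || return 1
    chmod 0750 "$logdir" || return 1

    # -type f skips symlinks and subdirectories; -perm 0600 selects only
    # files still at the mode they were created with, so reruns are no-ops
    # and files an admin tightened or loosened by hand are left alone.
    find "$logdir" -maxdepth 1 -type f -name '*.log' -perm 0600 \
        -exec chgrp "$group" {} \; -exec chmod 0640 {} \; -print |
        wc -l | tr -d ' '
}

if [ "$#" -eq 2 ]; then
    grant_log_read "$1" "$2"
fi
```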
