| From: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
|---|---|
| To: | Gregory Stark <stark(at)enterprisedb(dot)com> |
| Cc: | Simon Arlott <simon(at)arlott(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #3809: SSL "unsafe" private key permissions bug |
| Date: | 2007-12-08 21:25:07 |
| Message-ID: | 20071208212507.GC13665@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Gregory Stark wrote:
> So for example if the key directory lay on an FAT filesystem which doesn't
> have unix bit per file the only way to satisfy the check would be to mount the
> filesystem with the option to make every file in the filesystem have those
> bits. Storing your keys on a usb stick (which usually use fat filesystems)
> isn't really such a crazy idea either.
Storing a server SSL key on a USB stick is not crazy? I don't follow.
What use case do you have for that?
--
Alvaro Herrera http://www.amazon.com/gp/registry/CTMLCN8V17R4
"La persona que no quería pecar / estaba obligada a sentarse
en duras y empinadas sillas / desprovistas, por cierto
de blandos atenuantes" (Patricio Vogel)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2007-12-08 21:25:10 | Re: [HACKERS] BUG #3799: csvlog skips some logs |
| Previous Message | Gregory Stark | 2007-12-08 21:09:01 | Re: BUG #3809: SSL "unsafe" private key permissions bug |