Skip site navigation (1) Skip section navigation (2)

Re: Bug in createlang?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Richard Huxton <dev(at)archonet(dot)com>, "Thomas T(dot) Veldhouse" <veldy(at)veldy(dot)net>, pgsql-general(at)postgresql(dot)org
Subject: Re: Bug in createlang?
Date: 2001-09-06 15:44:24
Message-ID: 2366.999791064@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-generalpgsql-hackerspgsql-patches
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> The fact that the database server is wide-open in the default installation
> is surely not good, but the problem is that we don't have a universally
> accepted way to lock it down.  We could make password authentication the
> default, but that would annoy a whole lot of people.

Yes, particularly for pg_dumpall scripts...

> Another option would be to set the unix domain socket permissions to
> 0200 by default, so only the user that's running the server can get
> in.  I could live with that; not sure about others.

For my purposes this would be acceptable, but I wouldn't actually want
to use 0200.  So it'd be nicer if the default socket permission were
trivially configurable (ideally as a configure switch).  Given that,
I wouldn't mind if the default were 0200.

Note that locking down the unix socket is little help if one is using a
startup script that helpfully supplies -i by default.  I am not sure
what the score is with all the startup scripts that are in various RPMs
and other platform-specific distributions; does anyone know if there are
any that ship with -i enabled?

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Peter EisentrautDate: 2001-09-06 15:45:25
Subject: Re: Build problem with CVS version
Previous:From: Alex AvrietteDate: 2001-09-06 15:43:40
Subject: Re: [GENERAL] DBD::Pg errstr method doesn't return full

pgsql-patches by date

Next:From: Bruce MomjianDate: 2001-09-06 15:49:58
Subject: Re: Bug in createlang?
Previous:From: Reinhard MaxDate: 2001-09-06 15:33:48
Subject: Re: Patch for pl/tcl Tcl_ExternalToUtf and Tcl_UtfToExternal

pgsql-general by date

Next:From: Bruce MomjianDate: 2001-09-06 15:49:58
Subject: Re: Bug in createlang?
Previous:From: Jeff EckermannDate: 2001-09-06 15:38:52
Subject: Re: template0 and template1 databases

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group