Quick Links

Re: Relaxing SSL key permission checks

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Andres Freund <andres(at)anarazel(dot)de>
Cc:	Christoph Berg <myon(at)debian(dot)org>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Relaxing SSL key permission checks
Date:	2016-02-18 15:51:57
Message-ID:	28030.1455810717@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Andres Freund <andres(at)anarazel(dot)de> writes:
> ... We don't prevent the user from making the
> configuration file world-writable either,

Maybe we should. It wasn't an issue originally, because the config files
were necessarily inside $PGDATA which we restrict permissions on. But
these days you can place the config files in places where untrustworthy
people could get at them.

regards, tom lane

In response to

Re: Relaxing SSL key permission checks at 2016-02-18 15:43:26 from Andres Freund

Responses

Re: Relaxing SSL key permission checks at 2016-02-19 01:06:11 from Stephen Frost

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Benoit Lobréau	2016-02-18 16:47:12	Re: Question about Restart point and checkpoint_segments
Previous Message	Alexander Korotkov	2016-02-18 15:51:24	Re: WIP: Access method extendability