Skip site navigation (1) Skip section navigation (2)

filesystem permissions and security

From: Ng Pheng Siong <phengsiong(at)gmail(dot)com>
To: pgsql-admin(at)postgresql(dot)org
Subject: filesystem permissions and security
Date: 2005-10-31 18:02:34
Message-ID: 3829471d0510311002u6c3a950axb744c95f97a11fc5@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-admin
Hi,

According to the manual from 7.3 onwards, PostgreSQL should be installed
thusly:

$ ./configure
$ gmake
$ su
# gmake install
# adduser postgres
# mkdir /usr/local/pgsql/data
# chown postgres /usr/local/pgsql/data
# su - postgres
$ /usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data
<etc.>

I found a number of web pages which suggest the following:

# chown -R postgres /usr/local/pgsql

Which is obviously less secure. Dunno how those people got the idea; perhaps
from older versions' documentation?

Anyways, I'm trying to find out when the "new thinking" re filesystem
permissions came in being, and mailing list discussions on same, if any.

At my day job, I just came across Oracle installations which are "chown -R
oracle /usr/local/oracle". I'm told the vendor says to do it this way. Veni,
vidi, I couldn't believe my eyes and all that. :-)

In essence, I'm looking for "ammunition" to support my case to bring
Oracle's filesystem permissions to the higher standard set by modern
PostreSQL's.

TIA. Cheers.

pgsql-admin by date

Next:From: Subbiah, StalinDate: 2005-10-31 20:13:27
Subject: Vacuum Verbose output
Previous:From: Chris BrowneDate: 2005-10-31 16:22:25
Subject: Re: Scanners connected to the database

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group