I'd like to add an option or two to restrict the set of users that can
connect to the Unix domain socket of the postmaster, as an extra security
I imagine something like this:
unix_socket_perm = 0660
unix_socket_group = pgusers
Obviously, permissions that don't have 6's in there don't make much sense,
but I feel this notation is the most intuitive way for admins.
I'm not sure how to do the group thing, though. If I use chown(2) then
there's a race condition, but doing savegid; create socket; restoregid
might be too awkward? Any hints?
Peter Eisentraut peter_e(at)gmx(dot)net http://yi.org/peter-e/
pgsql-hackers by date
|Next:||From: Kevin O'Gorman||Date: 2000-10-31 21:00:38|
|Previous:||From: Kevin O'Gorman||Date: 2000-10-31 20:50:02|
|Subject: Re: how good is PostgreSQL|