| From: | Holger Klawitter <lists(at)klawitter(dot)de> |
|---|---|
| To: | "Postgres-Mailing-List" <pgsql-general(at)postgresql(dot)org> |
| Subject: | required rights for PGDATA |
| Date: | 2003-01-27 11:44:17 |
| Message-ID: | 200301271244.17748.lists@klawitter.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi there,
I have the problem that I need to have a group of users (namely postgres and
the dbadmin) with access to pg_hba.conf.
As postgres (the user under with the process is actually running) cannot
obtain a shell, I need group access to the data directory in order to
configure postgres.
drwxrwx--- 6 postgres postgres 4096 Jan 27 10:14 data/
However postgres refuses to start with 0770 permission.
In my case this additional security measure bites itself as now I need to
grant su to dbadmin and moreover grant a shell access to postgres.
Some Suggestions:
1.) the check can be made configurable (with the strict one as default)
2.) groups below 100 are okay.
3.) default group of the postgres user is okay.
4.) the group 'postgres' is okay.
That do you all think?
With kind regards / mit freundlichem Gruß
Holger Klawitter
--
Holger Klawitter http://www.klawitter.de
lists(at)klawitter(dot)de
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nigel J. Andrews | 2003-01-27 12:26:47 | Re: required rights for PGDATA |
| Previous Message | jerome | 2003-01-27 08:52:50 | getting weekly total based on daily... |