Re: BUG #3809: SSL "unsafe" private key permissions bug

Agreed. Let's look this over again in 8.4. I am feeling our
restrictions are making things _less_ secure sometimes.

This has been saved for the 8.4 release:

http://momjian.postgresql.org/cgi-bin/pgpatches_hold

---------------------------------------------------------------------------

Martin Pitt wrote:
-- Start of PGP signed section.
> Hi,
>
> Simon Arlott [2007-12-08 12:24 +0000]:
> > Bug reference: 3809
> > Logged by: Simon Arlott
> > Email address: postgresql(dot)simon(at)arlott(dot)org
> > PostgreSQL version: 8.2.4
> > Operating system: Linux 2.6.23
> > Description: SSL "unsafe" private key permissions bug
> > Details:
> >
> > FATAL: unsafe permissions on private key file "server.key"
> > DETAIL: File must be owned by the database user and must have no
> > permissions for "group" or "other".
> >
> > It should be possible to disable this check in the configuration, so those
> > of us capable of deciding what's unsafe can do so.
>
> For the same reason Debian/Ubuntu have modified this check ages ago,
> to also allow for keys which are owned by root and readable by a
> particular group. A lot of our users want to share a common SSL
> cert/key between all servers, and the upstream check makes this
> impossible. (Ubuntu sets up all server packages in a way that they all
> share a common SSL key called "snakeoil" which is generated on system
> installation. By merely replacing this with a real one, your box
> becomes sanely configured without fiddling with any configuration
> files.)
>
> I already proposed this patch two times, but it has been rejected so
> far unfortunately. But maybe it's useful for you.
>
> Martin
>
> --
> Martin Pitt http://www.piware.de
> Ubuntu Developer http://www.ubuntu.com
> Debian Developer http://www.debian.org

-- End of PGP section, PGP failed!

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +