| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | YAMAMOTO Takashi <yamt(at)netbsd(dot)org> |
| Cc: | bruce(at)momjian(dot)us, tgl(at)sss(dot)pgh(dot)pa(dot)us, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Securing "make check" (CVE-2014-0067) |
| Date: | 2014-04-04 03:49:54 |
| Message-ID: | 20140404034954.GD325418@tornado.leadboat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Apr 04, 2014 at 02:36:05AM +0000, YAMAMOTO Takashi wrote:
> > Thanks. To avoid socket path length limitations, I lean toward placing the
> > socket temporary directory under /tmp rather than placing under the CWD:
> >
> > http://www.postgresql.org/message-id/flat/20121129223632(dot)GA15016(at)tornado(dot)leadboat(dot)com
>
> openvswitch has some tricks to overcome the socket path length
> limitation using symlink. (or procfs where available)
> iirc these were introduced for debian builds which use deep CWD.
That's another reasonable approach. Does it have a notable advantage over
placing the socket in a subdirectory of /tmp? Offhand, the security and
compatibility consequences look similar.
--
Noah Misch
EnterpriseDB http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Etsuro Fujita | 2014-04-04 04:35:21 | A question about code in DefineRelation() |
| Previous Message | Tom Lane | 2014-04-04 03:44:46 | Re: B-Tree support function number 3 (strxfrm() optimization) |