| From: | Christoph Berg <myon(at)debian(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Bruce Momjian <bruce(at)momjian(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Relaxing SSL key permission checks |
| Date: | 2016-02-22 10:10:52 |
| Message-ID: | 20160222101052.GA31276@msg.df7cb.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Re: Tom Lane 2016-02-22 <21507(dot)1456099088(at)sss(dot)pgh(dot)pa(dot)us>
> Stephen Frost <sfrost(at)snowman(dot)net> writes:
> > Just to be clear, I'm not really against this patch as-is, but it
> > shouldn't be a precedent or limit us from supporting more permissive
> > permissions in other areas (or even here) if there are sensible
> > use-cases for more permissive permissions.
>
> OK, and to be clear, I'm not against considering other use-cases and
> trying to do something appropriate for them. I just reject the idea
> that it's unnecessary or inappropriate for us to be concerned about
> whether secret-holding files are secure.
I added the patch to the CF: https://commitfest.postgresql.org/9/532/
(I put it under "System administration" and not under "Security"
because it concerns operation.)
Christoph
--
cb(at)df7cb(dot)de | http://www.df7cb.de/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2016-02-22 10:23:03 | Re: psql metaqueries with \gexec |
| Previous Message | Fabien COELHO | 2016-02-22 10:06:44 | Re: checkpointer continuous flushing - V18 |