From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Andres Freund <andres(at)anarazel(dot)de>, Christoph Berg <myon(at)debian(dot)org>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Relaxing SSL key permission checks |
Date: | 2016-02-19 04:22:01 |
Message-ID: | 23650.1455855721@sss.pgh.pa.us |
Lists: | pgsql-hackers |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
>> I completely disagree that those file-permissions checks are useless.

> If that's something you're concerned with then the right answer is to
> monitor the file permissions- and there are tools which do exactly that.
> I disagree that it's PG's charter to do that and, frankly, you *won't*
> be told, in most cases, promptly about such a change.

I will just quote this bit from "man ssh":

     ~/.ssh/identity
     ~/.ssh/id_dsa
     ~/.ssh/id_ecdsa
     ~/.ssh/id_rsa
             Contains the private key for authentication.  These files contain
             sensitive data and should be readable by the user but not
             accessible by others (read/write/execute).  ssh will simply ignore a
             private key file if it is accessible by others.

Now, I have heard it argued that the OpenSSH/L authors are a bunch of
idiots who know nothing about security.  But it's not like insisting
on restrictive permissions on key files is something we invented out
of the blue.  It's pretty standard practice, AFAICT.

			regards, tom lane
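
The kind of check the man page excerpt describes, sketched in C as an added example; it is not code from this message, from OpenSSH, or from PostgreSQL. The names `check_private_key_file` and `verdict_for_mode` are hypothetical, the temp file is constructed for the demo, and "accessible by others" is assumed to mean any group or world permission bit.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum key_check { KEY_OK, KEY_UNREADABLE, KEY_NOT_REGULAR, KEY_WRONG_OWNER, KEY_TOO_OPEN };

/* Hypothetical helper. Opens the file first and fstat()s the descriptor, so the
 * mode that is checked belongs to the file that will be read, not to whatever
 * the path names a moment later. On KEY_OK the open fd is handed to the caller. */
enum key_check check_private_key_file(const char *path, int *fd_out)
{
    struct stat st;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return KEY_UNREADABLE;
    enum key_check rc = KEY_OK;
    if (fstat(fd, &st) != 0)
        rc = KEY_UNREADABLE;
    else if (!S_ISREG(st.st_mode))
        rc = KEY_NOT_REGULAR;
    else if (st.st_uid != geteuid())
        rc = KEY_WRONG_OWNER;                     /* key must belong to the user */
    else if (st.st_mode & (S_IRWXG | S_IRWXO))
        rc = KEY_TOO_OPEN;                        /* any group/world r, w or x bit */
    if (rc == KEY_OK && fd_out)
        *fd_out = fd;
    else
        close(fd);
    return rc;
}

/* Demo on a constructed temp file: verdict for a file given this mode. */
enum key_check verdict_for_mode(mode_t mode)
{
    char path[] = "/tmp/keycheck-XXXXXX";
    int fd = mkstemp(path);                       /* created by, and owned by, us */
    if (fd < 0)
        return KEY_UNREADABLE;
    fchmod(fd, mode);
    close(fd);
    enum key_check rc = check_private_key_file(path, NULL);
    unlink(path);
    return rc;
}

int main(void) { printf("0600: %d  0640: %d\n", (int) verdict_for_mode(0600), (int) verdict_for_mode(0640)); return 0; }
```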