Skip site navigation (1) Skip section navigation (2)

Re: [INTERFACES] pg_pwd

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Sergio A(dot) Kessler" <ser(at)perio(dot)unlp(dot)edu(dot)ar>
Cc: Lamar Owen <lamar(dot)owen(at)wgcr(dot)org>, "pgsql-interfaces(at)postgreSQL(dot)org" <pgsql-interfaces(at)postgreSQL(dot)org>
Subject: Re: [INTERFACES] pg_pwd
Date: 1999-11-19 22:43:22
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-interfaces
"Sergio A. Kessler" <ser(at)perio(dot)unlp(dot)edu(dot)ar> writes:
>> See doc/TODO.detail/pg_shadow.

> where ? can you post an absolute url ?

Sorry, I forgot that the TODO.detail files are not in the 6.5.*
distribution (they got added to the CVS repository since 6.5).
I'm not sure if they are available separately at the website (Bruce?).
I know you could get them by downloading a current snapshot...

>>>> and why is world =writable & readable= ?
>>>> (hey, everybody, wanna know my passwd ?)
>> It's not really a security hole because it lives inside a directory
>> that's mode 700 (unless you tampered with the default permissions
>> setup). 

> in rh6.1 /var/lib/pgsql is 755 (and no, I haven't changed anything)
> can you spell "2_KM_DIAMETER_HOLE" ?

In a standard setup, pg_pwd is inside .../pgsql/data which is mode 700.
Have the RH guys really blown it this badly?  (Lamar?)

			regards, tom lane


pgsql-interfaces by date

Next:From: Mads PultzDate: 1999-11-19 22:47:25
Subject: JDBC compliancy question
Previous:From: Sergio A. KesslerDate: 1999-11-19 22:08:59
Subject: Re: [INTERFACES] pg_pwd

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group