On 4/25/13 12:09 AM, Tom Lane wrote:
> I think we need it fixed to reject any stats_temp_directory that is not
> postgres-owned with restrictive permissions. The problem here is not
> with what it deletes, it's with the insanely insecure configuration.
Yeah, the requirements should be similar to what initdb requires for
PGDATA and pg_xlog.