From: | "Jones, Colin" <CRJones(at)rightnowtech(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | RE: Restricting permissions on Unix socket |
Date: | 2000-10-31 20:35:55 |
Message-ID: | 67D56677795DB34482C0DBCF1AD5EC42392067@xchange-dal.rightnowtech.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Please take me off this list! I have received over 50 emails in the last 24
hours and I have no idea why I am getting them. Please look for email
address cjones(at)rightnotech(dot)com or cjones(at)rightnow(dot)com and take it out!
Thanks!
-----Original Message-----
From: Robert Kernell [mailto:kernell(at)sundog(dot)larc(dot)nasa(dot)gov]
Sent: Tuesday, October 31, 2000 3:36 PM
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [HACKERS] Restricting permissions on Unix socket
> I'd like to add an option or two to restrict the set of users that can
> connect to the Unix domain socket of the postmaster, as an extra security
> option.
>
> I imagine something like this:
>
> unix_socket_perm = 0660
> unix_socket_group = pgusers
>
> Obviously, permissions that don't have 6's in there don't make much sense,
> but I feel this notation is the most intuitive way for admins.
>
> I'm not sure how to do the group thing, though. If I use chown(2) then
> there's a race condition, but doing savegid; create socket; restoregid
> might be too awkward? Any hints?
>
Just curious. What is a race condition?
Bob Kernell
Research Scientist
Surface Validation Group
Atmospheric Sciences Competency
Analytical Services & Materials, Inc.
email: kernell(at)sundog(dot)larc(dot)nasa(dot)gov
tel: 757-827-4631
From | Date | Subject | |
---|---|---|---|
Next Message | Kevin O'Gorman | 2000-10-31 20:50:02 | Re: how good is PostgreSQL |
Previous Message | Steve Wolfe | 2000-10-31 20:30:54 | Re: how good is PostgreSQL |