Quick Links

Re: Support custom socket directory in pg_upgrade

From:	Daniel Gustafsson <daniel(at)yesql(dot)se>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject:	Re: Support custom socket directory in pg_upgrade
Date:	2018-11-17 21:15:08
Message-ID:	A7BD0B64-8B0A-406A-A185-D72681964CF1@yesql.se
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

> On 15 Nov 2018, at 22:42, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> Further point about that: pg_regress's method of creating a temp
> directory under /tmp is secure only on machines with the stickybit
> set on /tmp; otherwise it's possible for an attacker to rename the
> temp dir out of the way and inject his own socket. We agreed that
> that was an okay risk to take for testing purposes, but I'm much
> less willing to assume that it's okay for production use with
> pg_upgrade.

That’s a good point, it’s not an assumption I’d be comfortable with when it
deals with system upgrades.

cheers ./daniel

In response to

Re: Support custom socket directory in pg_upgrade at 2018-11-15 21:42:00 from Tom Lane

Responses

Re: Support custom socket directory in pg_upgrade at 2018-12-07 07:10:08 from Noah Misch

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tomas Vondra	2018-11-17 23:11:54	Re: valgrind issues on Fedora 28
Previous Message	Tom Lane	2018-11-17 21:01:49	Re: Now/current_date and proleakproof