Skip site navigation (1) Skip section navigation (2)

Restricting permissions on Unix socket

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>
Subject: Restricting permissions on Unix socket
Date: 2000-10-31 20:50:46
Message-ID: Pine.LNX.4.21.0010312136190.1073-100000@peter.localdomain (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
I'd like to add an option or two to restrict the set of users that can
connect to the Unix domain socket of the postmaster, as an extra security

I imagine something like this:

unix_socket_perm = 0660
unix_socket_group = pgusers

Obviously, permissions that don't have 6's in there don't make much sense,
but I feel this notation is the most intuitive way for admins.

I'm not sure how to do the group thing, though.  If I use chown(2) then
there's a race condition, but doing savegid; create socket; restoregid
might be too awkward?  Any hints?

Peter Eisentraut      peter_e(at)gmx(dot)net


pgsql-hackers by date

Next:From: Kevin O'GormanDate: 2000-10-31 21:00:38
Subject: Contexts
Previous:From: Kevin O'GormanDate: 2000-10-31 20:50:02
Subject: Re: how good is PostgreSQL

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group