| From: | Markus Bräunig <markus(at)braeunig(dot)biz> |
|---|---|
| To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | PostgreSQL mailing lists <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Re: BUG #14586: Permissions of recovery.conf are different in plain and tar-format |
| Date: | 2017-03-13 09:08:39 |
| Message-ID: | VI1PR0101MB2383EEF34EE484CE2EFD5F3AB7250@VI1PR0101MB2383.eurprd01.prod.exchangelabs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
I just tried it and pg_basebackup doesn't create a folder by itself or changes the umask (RH 7.3).
Beside this I think it would be better not to just trust the permissions of the datadir above (Defense in depth).
________________________________
Von: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
Gesendet: Montag, 13. März 2017 07:51
An: Markus Bräunig
Cc: PostgreSQL mailing lists
Betreff: Re: [BUGS] BUG #14586: Permissions of recovery.conf are different in plain and tar-format
On Fri, Mar 10, 2017 at 5:00 PM, <markus(at)braeunig(dot)biz> wrote:
> The option "--write-recovery-conf" of pg_basebackup creates a valid
> recovery.conf but misses to apply secure file permissions when the default
> format (plain) is used.
>
> If you tar the result (-F t), the recovery.conf inside the base.tar has the
> permissions 0600.
> In plain format the umask of the actual user is applied and the permissions
> are e.g. 0644.
>
> Because plain passwords are possible in this file, I would suggest to unify
> this behavior and change the permissions to 0600 in both cases.
It does not matter much. Backup folder created by pg_basebackup has
0700 as umask.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Meskes | 2017-03-13 20:05:41 | Re: [HACKERS] Two phase commit in ECPG |
| Previous Message | Michael Paquier | 2017-03-13 06:51:47 | Re: BUG #14586: Permissions of recovery.conf are different in plain and tar-format |