Re: worried about PGPASSWORD drop

Alvaro Herrera wrote:
> Bruce Momjian dijo:
>
> > Tom Lane wrote:
>
> > > If you want to put in security restrictions that are actually useful,
> > > where is the code to verify that PGPASSWORDFILE points at a
> > > non-world-readable file?  That needs to be there now, not later, or
> > > we'll have people moaning about backward compatibility when we finally
> > > do plug that hole.
> >
> > Agreed.
>
> Point taken, will look into it later.

Here is some code from postmaster.c that may help:

    if (stat(checkdir, &stat_buf) == -1)
    {
        if (errno == ENOENT)
            elog(FATAL, "data directory %s was not found", checkdir);
        else
            elog(FATAL, "could not read permissions of directory %s: %m",
                 checkdir);
    }

    if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))
        elog(FATAL, "data directory %s has group or world access; permissions should be u=rwx (0700)",
             checkdir);

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073