Re: Directory/File Access Permissions for COPY and Generic File Access Functions
| От | Tom Lane |
|---|---|
| Тема | Re: Directory/File Access Permissions for COPY and Generic File Access Functions |
| Дата | |
| Msg-id | 25613.1414599277@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Directory/File Access Permissions for COPY and Generic File Access Functions (Stephen Frost <sfrost@snowman.net>) |
| Ответы |
Re: Directory/File Access Permissions for COPY and Generic
File Access Functions
|
| Список | pgsql-hackers |
Stephen Frost <sfrost@snowman.net> writes:
> * Alvaro Herrera (alvherre@2ndquadrant.com) wrote:
>> Users cannot create a hard link to a file they can't already access.
> The specifics actually depend on (on Linux, at least) the value of
> /proc/sys/fs/protected_hardlink, which has existed in upstream since 3.6
> (not sure about the RHEL kernels, though I expect they've incorporated
> it also at some point along the way).
No such file in RHEL 6.6 :-(.
What the POSIX spec for link(2) says is
[EACCES] A component of either path prefix denies search permission, or the requested link requires writing in a
directorythat denies write permission, or the calling process does not have permission to access the existing file and
thisis required by the implementation.
It's not very clear what "access" means, and in any case this wording
gives implementors permission to not enforce anything at all in that
line. Whether particular flavors of Linux do or not doesn't help us
much, because other popular platforms clearly don't enforce it.
regards, tom lane
В списке pgsql-hackers по дате отправления: