Re: [HACKERS] mode of libs
| От | Thomas G. Lockhart |
|---|---|
| Тема | Re: [HACKERS] mode of libs |
| Дата | |
| Msg-id | 34F4FFFD.8AD82FA7@alumni.caltech.edu обсуждение исходный текст |
| Ответ на | Re: [HACKERS] mode of libs (Bruce Momjian <maillist@candle.pha.pa.us>) |
| Ответы |
Re: [HACKERS] mode of libs
|
| Список | pgsql-hackers |
> > Well, the data directory itself is protected from anyone other than the postgres
> > account, so it may not matter as much if an individual file is not right. My (former)
> > Ingres installation had the directory protected, and then permissions of 777 on all the
> > directories and files within it as I recall...
> >
> > We should fix it up to match the protections on other files though...
>
> Not true. As long as someone has read or execute permission on a
> directory, they can read/write any file in that directory they have
> permission for. What they can't do is add or delete file based on the
> directory permission.
Sure. I must be missing the point (as usual :), because my directory protections look like:
golem> dir
...
142 drwx------ 3 postgres postgres 1024 Feb 24 03:38 data/
...
golem> dir data
ls: data: Permission denied
golem> dir data/pg_pwd
ls: data/pg_pwd: Permission denied
golem> cat data/pg_pwd
cat: data/pg_pwd: Permission denied
??
- Tom
В списке pgsql-hackers по дате отправления: