Re: pgsql: Allow root-owned SSL private keys in libpq, not only the backend
| От | Peter Eisentraut |
|---|---|
| Тема | Re: pgsql: Allow root-owned SSL private keys in libpq, not only the backend |
| Дата | |
| Msg-id | 7f85ef6d-250b-f5ec-9867-89f0b16d019f@enterprisedb.com обсуждение исходный текст |
| Ответ на | pgsql: Allow root-owned SSL private keys in libpq, not only the backend (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: pgsql: Allow root-owned SSL private keys in libpq, not only the backend
|
| Список | pgsql-committers |
On 02.03.22 17:57, Tom Lane wrote:
> Allow root-owned SSL private keys in libpq, not only the backend.
>
> This change makes libpq apply the same private-key-file ownership
> and permissions checks that we have used in the backend since commit
> 9a83564c5. Namely, that the private key can be owned by either the
> current user or root (with different file permissions allowed in the
> two cases). This allows system-wide management of key files, which
> is just as sensible on the client side as the server, particularly
> when the client is itself some application daemon.
>
> Sync the comments about this between libpq and the backend, too.
>
> Back-patch of a59c79564 and 50f03473e into all supported branches.
I think this
libpq_gettext("private key file \"%s\" is not a regular file"),
should have a trailing newline in the string.
В списке pgsql-committers по дате отправления: