On Wed, Mar 20, 2024 at 3:11 PM Magnus Hagander <magnus@hagander.net> wrote:
> I would argue that having the default permissions not allow postgres to edit it's own config files *except* for
postgresql.auto.confwould be a better default than what we have now, but that's completely independent of the patch
beingdiscussed on this thread. (And FWIW also already solved on debian-based platforms for example, which but the main
configfiles in /etc with postgres only having read permissions on them - and having the *packagers* adapt such things
fortheir platforms in general seems like a better place).
I don't think that I agree that it's categorically better, but it
might be better for some people or in some circumstances. I very much
do agree that it's a packaging question rather than our job to sort
out.
--
Robert Haas
EDB: http://www.enterprisedb.com