On Wed, Mar 20, 2024 at 3:11 PM Magnus Hagander <magnus@hagander.net> wrote: > I would argue that having the default permissions not allow postgres to edit it's own config files *except* for postgresql.auto.conf would be a better default than what we have now, but that's completely independent of the patch being discussed on this thread. (And FWIW also already solved on debian-based platforms for example, which but the main config files in /etc with postgres only having read permissions on them - and having the *packagers* adapt such things for their platforms in general seems like a better place).
I don't think that I agree that it's categorically better, but it might be better for some people or in some circumstances. I very much do agree that it's a packaging question rather than our job to sort out.
Right, what I meant is that making it a packaging decision is the better place. Wherever it goes, allowing the administrator to choose what fits them should be made possible.