Re: Ownership/protection (was Re: [HACKERS] Portability)
| От | Peter Eisentraut |
|---|---|
| Тема | Re: Ownership/protection (was Re: [HACKERS] Portability) |
| Дата | |
| Msg-id | Pine.GSO.4.02A.9911302029570.13278-100000@Vessla.DoCS.UU.SE обсуждение исходный текст |
| Ответ на | Ownership/protection (was Re: [HACKERS] Portability) (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Tue, 30 Nov 1999, Tom Lane wrote: > The difficulty with encouraging people to su to root for install is that > it's so easy to make the files root-owned and thereby create a security > problem. Perhaps the right compromise is to add a --owner switch to > "make install", and to have it refuse to install if the (given or > defaulted) ownership is "root" ? See Vince's email about the configure switch to be used in install. That is what I was shooting for. I am not sure to what extend initdb should use those settings (recall: autoconf is not for configuring run time stuff) but if you *insist* on running initdb as root (too lazy to su, forgot to, etc.) there should be an option, as there is now. > offhand I can't think of any reason that any postgres-owned processes > need to be able to write in the bin, lib, or include hierarchies. Can > anyone else think of one? They better not write there. That would certainly be a major bug. > BTW, do we have a check in the postmaster to refuse to start if its euid > is root? Shouldn't we? There is a check and it refuses to start. -- Peter Eisentraut Sernanders vaeg 10:115 peter_e@gmx.net 75262 Uppsala http://yi.org/peter-e/ Sweden
В списке pgsql-hackers по дате отправления: