From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
Subject: | pg_upgrade and umask |
Date: | 2012-03-09 15:10:10 |
Message-ID: | 20120309151010.GA5630@momjian.us |
Lists: | pgsql-hackers |

What do people think of pg_upgrade setting its umask to 0077 so the log
and SQL files are only readable by the postgres user?

    -rwx------ 1 postgres postgres   41 Mar  9 09:59 delete_old_cluster.sh*
    -rw------- 1 postgres postgres 6411 Mar  8 21:56 pg_upgrade_dump_all.sql
    -rw------- 1 postgres postgres 5651 Mar  8 21:56 pg_upgrade_dump_db.sql
    -rw------- 1 postgres postgres  738 Mar  8 21:56 pg_upgrade_dump_globals.sql
    -rw------- 1 postgres postgres 1669 Mar  8 21:56 pg_upgrade_internal.log
    -rw------- 1 postgres postgres 1667 Mar  8 21:56 pg_upgrade_restore.log
    -rw------- 1 postgres postgres 1397 Mar  8 21:56 pg_upgrade_server.log
    -rw------- 1 postgres postgres  385 Mar  8 21:56 pg_upgrade_utility.log

The umask would also affect files it copies like clog and the data
files, but those already have only postgres permissions.

The downside is that users running pg_upgrade with 'su' or 'RUNAS' would
need to use those to inspect the log files for errors.

FYI, delete_old_cluster.sh probably has to be run as root, but root
seems able to run an executable that it doesn't own.

I am thinking it isn't worth the complexity of using umask and
restricting those files, but wanted opinions.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ It's impossible for everything to be true. +
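
The following C program is an added example, not part of the original message and not pg_upgrade's source: it shows how a umask of 0077 produces the modes in the listing above, and that the umask does not tighten a log file that already exists with looser permissions. The helper names and the scratch directory under /tmp are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700   /* for mkdtemp() */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

struct demo_result { int log_mode, script_mode, reopened_mode; };

/* Open (creating if needed) path under the given umask and return the
 * permission bits the file ends up with, or -1 on error. */
static int mode_after_open(const char *path, mode_t mask, mode_t requested)
{
    struct stat st;
    mode_t old = umask(mask);
    int fd = open(path, O_WRONLY | O_CREAT | O_APPEND, requested);
    int rc;

    umask(old);                     /* restore the caller's umask */
    if (fd < 0)
        return -1;
    rc = fstat(fd, &st);
    close(fd);
    return rc == 0 ? (int) (st.st_mode & 0777) : -1;
}

/* Constructed demo in a scratch directory; file names mirror the listing. */
int run_demo(struct demo_result *r)
{
    char dir[] = "/tmp/umask_demo_XXXXXX", logpath[64], shpath[64];

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(logpath, sizeof logpath, "%s/pg_upgrade_internal.log", dir);
    snprintf(shpath, sizeof shpath, "%s/delete_old_cluster.sh", dir);
    r->log_mode = mode_after_open(logpath, 0077, 0666);    /* fopen-style request */
    r->script_mode = mode_after_open(shpath, 0077, 0777);  /* executable script */
    /* umask applies only at creation: a log left 0644 by an earlier run
     * keeps that mode when it is reopened for append. */
    chmod(logpath, 0644);
    r->reopened_mode = mode_after_open(logpath, 0077, 0666);
    unlink(logpath);
    unlink(shpath);
    rmdir(dir);
    return 0;
}
```

The third result is the case to check for when relying on umask alone: files left behind by an earlier run need an explicit chmod or removal before they are reused.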