On Thu, Oct 19, 2017 at 5:32 PM, John R Pierce <pie...@hogranch.com> wrote:

> On 10/19/2017 1:25 PM, Tomas Vondra wrote:
>
> Is it fine to create a subdir inside PGDATA and store our stuff
> there, or will PG freak out seeing a foreign object.
>
>
> PostgreSQL certainly does not check if there are unknown directories in
> the data directory, and it will not crash and burn. But it causes all
> sorts of problems, and it increases the probability of human error.
>
>
> Most importantly, ONLY the postgres system process should have access to
> the pgdata directory; it should have permissions 700. Your apps should be
> running as a different user, and that user won't have access to said PGDATA.
>
Untrusted languages in the server, and superuser use of COPY, count as
"applications" that are going to be running under the postgres user as far
as the O/S is concerned.

I do agree that external applications should communicate with the server
via a session and not by mutual knowledge of a filesystem location.

I too would recommend not conflating system-related data that belongs in
PGDATA and application-related data that should reside outside of that
location.

David J.

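An added example, not part of the original thread: a Python check for the two points discussed above, that PGDATA carries mode 700 and that no foreign top-level entries have been placed in it. The function names and the KNOWN_ENTRIES list are assumptions made for illustration (the list is not exhaustive and varies by PostgreSQL version and logging setup), and the sample directory is constructed.

```python
import os
import stat
import tempfile

# Assumed, non-exhaustive list of top-level names in a stock data directory.
KNOWN_ENTRIES = {
    "base", "global", "pg_commit_ts", "pg_dynshmem", "pg_logical",
    "pg_multixact", "pg_notify", "pg_replslot", "pg_serial", "pg_snapshots",
    "pg_stat", "pg_stat_tmp", "pg_subtrans", "pg_tblspc", "pg_twophase",
    "pg_wal", "pg_xact", "pg_xlog", "pg_clog", "PG_VERSION",
    "postgresql.conf", "postgresql.auto.conf", "pg_hba.conf",
    "pg_ident.conf", "postmaster.pid", "postmaster.opts",
}

def audit_pgdata(pgdata, expected_uid=None):
    """Return a list of findings for the data directory at `pgdata`."""
    findings = []
    st = os.stat(pgdata)
    mode = stat.S_IMODE(st.st_mode)
    if mode != 0o700:  # the thread's stated requirement
        findings.append(f"mode is {mode:04o}, expected 0700")
    if expected_uid is not None and st.st_uid != expected_uid:
        findings.append(f"owner uid is {st.st_uid}, expected {expected_uid}")
    for name in sorted(os.listdir(pgdata)):
        if name not in KNOWN_ENTRIES:
            findings.append(f"foreign entry: {name}")
    return findings

def build_sample(root, mode, extra=()):
    """Construct a throwaway directory that mimics a PGDATA layout."""
    pgdata = os.path.join(root, "pgdata")
    os.mkdir(pgdata)
    for d in ("base", "global", "pg_wal") + tuple(extra):
        os.mkdir(os.path.join(pgdata, d))
    with open(os.path.join(pgdata, "PG_VERSION"), "w") as fh:
        fh.write("10\n")
    os.chmod(pgdata, mode)
    return pgdata

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        # Constructed bad case: world-readable, with an application subdir.
        sample = build_sample(root, 0o755, extra=("app_uploads",))
        for finding in audit_pgdata(sample):
            print(finding)
        os.chmod(sample, 0o700)  # restore so cleanup is not affected
```

Run it as a user that can read the data directory; pass the postgres account's uid as expected_uid to check ownership as well.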