On Tue, Jan 30, 2024 at 10:48 PM Tom Lane <t...@sss.pgh.pa.us> wrote:
>
> Robert Haas <robertmh...@gmail.com> writes:
> > There's nothing wrong with that exactly, but what does it gain us over
> > my proposal of a sentinel file?
>
> I was imagining using selinux and/or sepgsql to directly prevent
> writing postgresql.auto.conf from the Postgres account. Combine that
> with a non-Postgres-owned postgresql.conf (already supported) and you
> have something that seems actually bulletproof, rather than a hint.
> Admittedly, using that approach requires knowing something about a
> non-Postgres security mechanism.

Wouldn't a simple "chattr +i postgresql.auto.conf" work?

-- 
Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/
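
A check for the two file-level controls raised in this thread (a postgresql.conf not owned by the server account, and `chattr +i` on postgresql.auto.conf), as an added example that is not part of the original messages. The function names are hypothetical, and the file paths and the server account's numeric uid are assumptions supplied by the caller.

```shell
#!/bin/sh
# Added example: audit the file-level lockdown discussed in this thread.
# Paths and the server uid are caller-supplied assumptions (Linux, GNU stat).

# Succeeds if the flag field of one `lsattr -d` output line contains 'i'.
has_immutable_flag() {
    flags=${1%% *}        # first field only, e.g. "----i---------e-------"
    case $flags in
        *i*) return 0 ;;
        *)   return 1 ;;
    esac
}

# Succeeds if the file is owned by the given numeric uid.
owned_by_uid() {
    [ "$(stat -c %u "$1" 2>/dev/null)" = "$2" ]
}

# audit_lockdown <postgresql.conf> <postgresql.auto.conf> <server uid>
# Prints one line per finding; the return status is the number of findings.
audit_lockdown() {
    conf=$1 auto=$2 pg_uid=$3 findings=0
    if owned_by_uid "$conf" "$pg_uid"; then
        echo "FINDING: $conf is owned by the server account (uid $pg_uid)"
        findings=$((findings + 1))
    fi
    # lsattr fails on filesystems without inode flags (tmpfs, some overlays);
    # treat "cannot tell" as a finding rather than as a pass.
    line=$(lsattr -d "$auto" 2>/dev/null) || line=
    if [ -z "$line" ]; then
        echo "FINDING: cannot read inode flags of $auto"
        findings=$((findings + 1))
    elif ! has_immutable_flag "$line"; then
        echo "FINDING: $auto is not immutable (chattr +i not applied)"
        findings=$((findings + 1))
    fi
    return "$findings"
}
```

A return status of 0 means postgresql.conf is not owned by the given uid and postgresql.auto.conf carries the immutable flag; clearing that flag requires root (CAP_LINUX_IMMUTABLE), which the server account normally lacks.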