Tom Lane wrote: > I think we should change 9.3 to be restrictive about ownership/permissions > on the stats_temp_directory (ie, require owner = postgres user, > permissions = 0700, same as for the $PGDATA directory). I agree that > back-patching such a change to the older branches is probably not a good > plan. I can't quite parse what you say above, so I'm not sure if you're > fully agreeing with that position or not. > > In addition to that, it might be a good idea to do what the comment in the > code suggests, namely do more than zero checking on each file name to try > to make sure it looks like a stats temp file name that we'd generate > before we delete it. The ownership/permissions test wouldn't be enough > to prevent you from pointing at, say, ~postgres and thereby losing some > files you'd rather not.
I will look into this. -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
