On Sun, Mar 02, 2014 at 05:38:38PM -0500, Noah Misch wrote: > Concerning the immediate fix for non-Windows systems, does any modern system > ignore modes of Unix domain sockets? It appears to be a long-fixed problem: > > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1402 > http://unix.stackexchange.com/questions/83032/which-systems-do-not-honor-socket-read-write-permissions > > Nonetheless, it would be helpful for folks to test any rare platforms they > have at hand. Start a postmaster with --unix-socket-permissions=0000 and > attempt to connect via local socket. If psql gives something other than > "psql: could not connect to server: Permission denied", please report it.
Some results are in. Both Solaris 10 and omnios-6de5e81 (OmniOS v11 r151008) ignore socket modes. That justifies wrapping the socket in a directory. -- Noah Misch EnterpriseDB http://www.enterprisedb.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
