enhance-security-file-permissions-fe-secure-openssl.patch
application/octet-stream
Filename: enhance-security-file-permissions-fe-secure-openssl.patch
Type: application/octet-stream
Part: 2
Message:
Enhance security permissions
Patch
Same data as JSON:
GET /api/v1/attachments/:id/patch
the parsed metadata as JSON — format, series position, per-file stats; never the diff bytes.
API reference →
Format: unified
| File | + | − |
|---|---|---|
| src/interfaces/libpq/fe-secure-openssl.c | 1 | 1 |
diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
index 51dd7b9fec..c8d99a3c3f 100644
--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -1264,7 +1264,7 @@ initialize_SSL(PGconn *conn)
#if !defined(WIN32) && !defined(__CYGWIN__)
if (buf.st_uid == 0 ?
buf.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO) :
- buf.st_mode & (S_IRWXG | S_IRWXO))
+ buf.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO))
{
libpq_append_conn_error(conn,
"private key file \"%s\" has group or world access; file must have permissions u=rw (0600) or less if owned by the current user, or permissions u=rw,g=r (0640) or less if owned by root",