Re: Securing "make check" (CVE-2014-0067)

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Noah Misch <noah@leadboat.com>
Cc: Andrew Dunstan <andrew@dunslane.net>, Magnus Hagander <magnus@hagander.net>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2014-03-03T06:29:00Z
Lists: pgsql-hackers
Noah Misch <noah@leadboat.com> writes:
> Concerning the immediate fix for non-Windows systems, does any modern system
> ignore modes of Unix domain sockets?  It appears to be a long-fixed problem:

What I was envisioning was that we'd be relying on the permissions of the
containing directory to keep out bad guys.  Permissions on the socket
itself might be sufficient, but what does it save us to assume that?

			regards, tom lane


Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Have config_sspi_auth() permit IPv6 localhost connections.

  2. Lock down regression testing temporary clusters on Windows.

  3. Use a separate temporary directory for the Unix-domain socket

  4. Secure Unix-domain sockets of "make check" temporary clusters.