Re: Re: Proposal for Allow postgresql.conf values to be changed via SQL [review]
Alvaro Herrera <alvherre@2ndquadrant.com>
From: Alvaro Herrera <alvherre@2ndquadrant.com>
To: Fujii Masao <masao.fujii@gmail.com>
Cc: Amit Kapila <amit.kapila@huawei.com>, Zoltán Böszörményi <zb@cybertec.at>, Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, pgsql-hackers@postgresql.org
Date: 2013-01-23T18:20:51Z
Lists: pgsql-hackers
Fujii Masao escribió: > On Wed, Jan 23, 2013 at 12:24 PM, Amit Kapila <amit.kapila@huawei.com> wrote: > >> Is it safe to write something in the directory other than data > >> directory > >> via SQL? > >> > >> postgres user usually has the write permission for the configuration > >> directory like /etc/postgresql? > > > > As postgresql.conf will also be in same path and if user can change that, > > then what's the problem with postgresql.auto.conf > > If the configuration directory like /etc is owned by root and only root has > a write permission for it, the user running PostgreSQL server would not > be able to update postgresql.auto.conf there. OTOH, even in that case, > a user can switch to root and update the configuration file there. I'm not > sure whether the configuration directory is usually writable by the user > running PostgreSQL server in Debian or Ubuntu, though. Yes it is -- the /etc/postgresql/<version>/<cluster> directory (where postgresql.conf resides) is owned by user postgres. -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services