Re: pg_upgrade using appname to lock out other users
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Bruce Momjian <bruce@momjian.us>
Cc: Peter Eisentraut <peter_e@gmx.net>, Robert Haas <robertmhaas@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2011-06-15T21:50:15Z
Lists: pgsql-hackers
Bruce Momjian <bruce@momjian.us> writes: > Peter Eisentraut wrote: >> On non-Windows servers you could get this even safer by disabling the >> TCP/IP socket altogether, and placing the Unix-domain socket in a >> private temporary directory. The "port" wouldn't actually matter then. > Yes, it would be nice to just create the socket in the current > directory. The fact it doesn't work on Windows would cause our docs to > have to differ for Windows, which seems unfortunate. It still wouldn't be bulletproof against someone running as the postgres user, so probably not worth the trouble. regards, tom lane