Re: pg_upgrade using appname to lock out other users

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Bruce Momjian <bruce@momjian.us>
Cc: Peter Eisentraut <peter_e@gmx.net>, Robert Haas <robertmhaas@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2011-06-15T21:50:15Z
Lists: pgsql-hackers
Bruce Momjian <bruce@momjian.us> writes:
> Peter Eisentraut wrote:
>> On non-Windows servers you could get this even safer by disabling the
>> TCP/IP socket altogether, and placing the Unix-domain socket in a
>> private temporary directory.  The "port" wouldn't actually matter then.

> Yes, it would be nice to just create the socket in the current
> directory.  The fact it doesn't work on Windows would cause our docs to
> have to differ for Windows, which seems unfortunate.

It still wouldn't be bulletproof against someone running as the postgres
user, so probably not worth the trouble.

			regards, tom lane