Re: [HACKERS] mode of libs

Thomas Lockhart <lockhart@alumni.caltech.edu>

From: "Thomas G. Lockhart" <lockhart@alumni.caltech.edu>
To: Bruce Momjian <maillist@candle.pha.pa.us>
Cc: vadim@sable.krasnoyarsk.su, pgsql-hackers@postgresql.org
Date: 1998-02-26T05:39:10Z
Lists: pgsql-hackers
> > Well, the data directory itself is protected from anyone other than the postgres
> > account, so it may not matter as much if an individual file is not right. My (former)
> > Ingres installation had the directory protected, and then permissions of 777 on all the
> > directories and files within it as I recall...
> >
> > We should fix it up to match the protections on other files though...
>
> Not true.  As long as someone has read or execute permission on a
> directory, they can read/write any file in that directory they have
> permission for.  What they can't do is add or delete file based on the
> directory permission.

Sure. I must be missing the point (as usual :), because my directory protections look like:

 golem> dir
...
 142 drwx------   3 postgres postgres     1024 Feb 24 03:38 data/
...
golem> dir data
ls: data: Permission denied
golem> dir data/pg_pwd
ls: data/pg_pwd: Permission denied
golem> cat data/pg_pwd
cat: data/pg_pwd: Permission denied

??

                                          - Tom