Thread

  1. Installation permissions

    Michael Richards <miker@scifair.acadiau.ca> — 1999-07-06T21:49:58Z

    Hi.
    For some time I've been staring at the installation procedure and shaking
    my head. It looks to me like someone took the rule of least privilege to an
    extreme. Although I believe it is important to be able to install postgres
    if you do not have root access, I think this represents a minority of
    users.
    
    I think most SA's would prefer to be able to make;make install and have
    postgres install itself and set the permission rather than su'ing to the
    postgres user and building/installing that way. Am I the only one who
    thinks that the install procedure is more complex than it needs to be?
    
    Also, I've noted the permissions of the installed binaries as a potential
    security risk. A small one, but still... Suppose a user found a buffer
    overrun in postgres (I don't think this would be too hard to do), they
    could gain access to the postgres account and use that to trojan the
    postgres binaries. The solution would of course be to install the binaries
    owned by root. I normally do this manually, but I think it should be an
    install thing.
    
    If people think these two ideas are good ones, I can easily come up with
    patches for the install.
    
    -Michael
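
An added example, not part of the original post or of the PostgreSQL install scripts: a shell check for the risk the message describes, listing every path in an install directory that the service account owns or that is world-writable. The function name, directory and account are assumptions supplied by the caller, not values from the thread.

```shell
#!/bin/sh
# Usage: sh audit_bindir.sh DIR ACCOUNT
# DIR is the installed binary directory, ACCOUNT the service account
# (user name or numeric uid). Both are supplied by the caller.

# audit_bindir DIR ACCOUNT
# Prints "REASON<TAB>PATH" for each file or directory under DIR that ACCOUNT
# could modify, and returns 1 if anything was found, 0 if the tree is clean.
# Directories are checked too: write access to a directory is enough to
# replace a binary inside it, even when the binary itself is root-owned.
# Group-writable paths are not covered by this check.
audit_bindir() {
    dir=$1
    acct=$2
    findings=$(
        # Owned by the account: it can rewrite or chmod the path directly.
        find "$dir" \( -type f -o -type d \) -user "$acct" \
            -exec printf 'owned-by-account\t%s\n' {} \;
        # Not owned by it, but world-writable: any local user can modify it.
        find "$dir" \( -type f -o -type d \) ! -user "$acct" -perm -0002 \
            -exec printf 'world-writable\t%s\n' {} \;
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Run the audit only when both arguments are given on the command line.
if [ "$#" -eq 2 ]; then
    audit_bindir "$1" "$2"
fi
```

A clean result (exit status 0, no output) is what a root-owned install with mode 755 binaries and directories should produce when audited against the service account.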