[EMAIL PROTECTED] wrote:
>Number 2
> postgesql 6.3-2
>Dpkg could not config postgresql due to problems in initdb. I tried to run
>initdb manually as user postgres from the postgres home dir /var/lib/postgre
>s
>but this didnĀ“t work because initdb could not find other programs (pg_id and
>postgres). After adding /usr/lib/postgresql/bin to PATH it worked.
>dpkg -configure worked also after that.
In the next release I name the whole path in the `su - postgres -c "initdb
..."'
statement. The problem arises from the use of secure-su.
>
>Question: Is there a security problem when giving the user postgres a shell?
Since root is not allowed to modify a PostgreSQL database, it is necessary for
postgres to have a shell so that it is possible to run PostgreSQL
administrative commands. Treat the postgres password with the same care
as you would the root password. Alternatively, make it a no-login account
so that only root can get to it (by `su - postgres').
--
Oliver Elphick [EMAIL PROTECTED]
Isle of Wight http://www.lfix.co.uk/oliver
PGP key from public servers; key ID 32B8FAA1
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
