Noah Misch <n...@leadboat.com> writes: > On Thu, Mar 06, 2014 at 12:44:34PM -0500, Tom Lane wrote: >> I'm inclined to suggest that we should put the socket under $CWD by >> default, but provide some way for the user to override that choice. >> If they want to put it in /tmp, it's on their head as to how secure >> that is. On most modern platforms it'd be fine.
> I am skeptical about the value of protecting systems with non-sticky /tmp, but > long $CWD isn't of great importance, either. I'm fine with your suggestion. > Though the $CWD or one of its parents could be world-writable, that would > typically mean an attacker could just replace the test cases directly. If the build tree is world-writable, that is clearly Not Our Fault. regards, tom lane -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers