On Wed, Oct 29, 2014 at 12:00 PM, Andres Freund <[email protected]> wrote: > It's possible to do this securely by doing a fstat() and checking the > link count.
Good point. >> And it >> still doesn't protect against the case where you hardlink to a file >> and then the permissions on that file are later changed. > > Imo that's simply not a problem that we need to solve - it's much more > general and independent. I don't see how you can draw an arbitrary line there. We either guarantee that the logged-in user can't usurp the server's permissions, or we don't. Making it happen only sometimes in cases we're prepared to dismiss is not real security. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
