Peter Eisentraut <[EMAIL PROTECTED]> writes: > Greg Stark writes: > > > Wouldn't at least 0750 be safe? That way putting a user in the postgres group > > would grant him access to be able to browse around and read the files in > > pg_data. > > That assumes that there is a restricted postgres group, which is not > guaranteed.
Well the current setup assumes the admin hasn't leaked the root password too. I'm not suggesting making that the default setup, just loosening the paranoia check so that if an admin sets the directory to be group readable the database doesn't refuse to start up. -- greg ---------------------------(end of broadcast)--------------------------- TIP 8: explain analyze is your friend
