subject:"Enhance security permissions"

Re: Enhance security permissions

2025-11-04 Thread Bryan Green

On 11/4/2025 7:17 AM, Ranier Vilela wrote: > Hi. > > Em ter., 4 de nov. de 2025 às 09:44, Bryan Green > escreveu: > > On 11/4/2025 6:20 AM, Ranier Vilela wrote: > > Hi. > > > > I noticed this while checking the source (src/interfaces/libpq/fe- >

Re: Enhance security permissions

2025-11-04 Thread Ranier Vilela

Hi. Em ter., 4 de nov. de 2025 às 09:44, Bryan Green escreveu: > On 11/4/2025 6:20 AM, Ranier Vilela wrote: > > Hi. > > > > I noticed this while checking the source (src/interfaces/libpq/fe- > > connect.c). > > It seems that S_IRWXU permission is harmful too. > > > > In accord with [1] and [2] t

Re: Enhance security permissions

2025-11-04 Thread Bryan Green

On 11/4/2025 6:20 AM, Ranier Vilela wrote: > Hi. > > I noticed this while checking the source (src/interfaces/libpq/fe- > connect.c). > It seems that S_IRWXU permission is harmful too. > > In accord with [1] and [2] this should also be checked. > Also, all other places in the source, S_IRWXU are

Enhance security permissions

2025-11-04 Thread Ranier Vilela

Hi. I noticed this while checking the source (src/interfaces/libpq/fe-connect.c). It seems that S_IRWXU permission is harmful too. In accord with [1] and [2] this should also be checked. Also, all other places in the source, S_IRWXU are checked. So, I propose adding this check to enhance the se