On Wed, Oct 29, 2014 at 12:00 PM, Andres Freund <and...@2ndquadrant.com> wrote: > It's possible to do this securely by doing a fstat() and checking the > link count.
Good point. >> And it >> still doesn't protect against the case where you hardlink to a file >> and then the permissions on that file are later changed. > > Imo that's simply not a problem that we need to solve - it's much more > general and independent. I don't see how you can draw an arbitrary line there. We either guarantee that the logged-in user can't usurp the server's permissions, or we don't. Making it happen only sometimes in cases we're prepared to dismiss is not real security. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
