tag:blogger.com,1999:blog-2356137376934964551.post4828445870526397218..comments2023-06-14T06:01:24.499-04:00Comments on Andrew Dunstan's PostgreSQL and Technical blog: A little permissions problemAndrew Dunstanhttp://www.blogger.com/profile/04684286585449188201noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-2356137376934964551.post-66901330260155751052015-10-28T04:20:57.985-04:002015-10-28T04:20:57.985-04:00The postgresql package (note: not postgresql sourc...The postgresql package (note: not postgresql source) is designed by default to run as the postgres user. It isn't that users are being thrown under the bus, it is that the users are expected to do it a certain way, the right way. You are not a user, you are a hacker. Your requirements are different and you are obviously capable of handling the issue without sacrificing the quality of the experience for that who are not hackers.linuxhikerhttps://www.blogger.com/profile/00447761048388485835noreply@blogger.comtag:blogger.com,1999:blog-2356137376934964551.post-75717649651046723112015-10-26T08:31:23.166-04:002015-10-26T08:31:23.166-04:00So we protect the postgres user and throw everyone...So we protect the postgres user and throw everyone else under the bus? If there is a significant race condition problem with the fact that Postgres runs on multi-user system this doesn't look like a good solution to me.Andrew Dunstanhttps://www.blogger.com/profile/04684286585449188201noreply@blogger.comtag:blogger.com,1999:blog-2356137376934964551.post-4106898307408378782015-10-25T18:01:21.905-04:002015-10-25T18:01:21.905-04:00That would kind of defeat the purpose of moving it...That would kind of defeat the purpose of moving it from /tmp in first place. The idea is exactly to make sure that only the postgres server account can create the socket and no race conditions are possible.Jörg Sonnenbergerhttps://www.blogger.com/profile/17767320016504222836noreply@blogger.com