diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2008-03-31 02:43:14 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2008-03-31 02:43:14 +0000 |
| commit | 3405f2b92532cb9559aed1316b3df2262aaadaef (patch) | |
| tree | 7bc8067b5b80cef7ef751871efc07eef34ce91d2 /src/backend/libpq | |
| parent | c5f11f9d19964b8dc568bc4b9bfff7d31ee26db0 (diff) | |
| download | postgresql-3405f2b92532cb9559aed1316b3df2262aaadaef.tar.gz | |
Use error message wordings for permissions checks on .pgpass and SSL private
key files that are similar to the one for the postmaster's data directory
permissions check. (I chose to standardize on that one since it's the most
heavily used and presumably best-wordsmithed by now.) Also eliminate explicit
tests on file ownership in these places, since the ensuing read attempt must
fail anyway if it's wrong, and there seems no value in issuing the same error
message for distinct problems. (But I left in the explicit ownership test in
postmaster.c, since it had its own error message anyway.) Also be more
specific in the documentation's descriptions of these checks. Per a gripe
from Kevin Hunter.
Diffstat (limited to 'src/backend/libpq')
| -rw-r--r-- | src/backend/libpq/be-secure.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c index 923ad6bcb3..d036947176 100644 --- a/src/backend/libpq/be-secure.c +++ b/src/backend/libpq/be-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.83 2008/01/01 19:45:49 momjian Exp $ + * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.84 2008/03/31 02:43:14 tgl Exp $ * * Since the server static private key ($DataDir/server.key) * will normally be stored unencrypted so that the database @@ -735,7 +735,7 @@ initialize_SSL(void) errmsg("could not load server certificate file \"%s\": %s", SERVER_CERT_FILE, SSLerrmessage()))); - if (stat(SERVER_PRIVATE_KEY_FILE, &buf) == -1) + if (stat(SERVER_PRIVATE_KEY_FILE, &buf) != 0) ereport(FATAL, (errcode_for_file_access(), errmsg("could not access private key file \"%s\": %m", @@ -750,13 +750,12 @@ initialize_SSL(void) * directory permission check in postmaster.c) */ #if !defined(WIN32) && !defined(__CYGWIN__) - if (!S_ISREG(buf.st_mode) || (buf.st_mode & (S_IRWXG | S_IRWXO)) || - buf.st_uid != geteuid()) + if (!S_ISREG(buf.st_mode) || buf.st_mode & (S_IRWXG | S_IRWXO)) ereport(FATAL, (errcode(ERRCODE_CONFIG_FILE_ERROR), - errmsg("unsafe permissions on private key file \"%s\"", + errmsg("private key file \"%s\" has group or world access", SERVER_PRIVATE_KEY_FILE), - errdetail("File must be owned by the database user and must have no permissions for \"group\" or \"other\"."))); + errdetail("Permissions should be u=rw (0600) or less."))); #endif if (!SSL_CTX_use_PrivateKey_file(SSL_context, |