PostgreSQL/SELinux Error - relation "pg_catalog.pg_user" does not exist

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



John Logsdon wrote:
> Well I agree you can be in as many groups as you like.  But what I meant
> was that making your primary group the same as the user means you have no
> granularity of control without adding extra groups.  It makes 0700 the
> same as 0770.  

Huh? What are you on about? 0700 is and will always be different from 0770.

Making the primary group the same as the user allows the user to 
grant/deny access to files for those who are part of his group.
> 
> I suppose as groups essentially relax security, giving each user his/her
> own groups should make a tighter ship but in practice what people do is to
> give world access when they shouldn't.  The proper solution is to add a
> group of course.  Few do this I think.

Excuse me? You are not coherent. What does each user having his own 
group and the user granting access to others have to do with sloppy 
access? The group permissions allows the user to specify that others 
don't get to access files while those users who are part of the user's 
group do. This MAKES group permissions ever more relevant, not 
immediately pointless.
> 
> But my real rant was against the sloppy access controls at installation
> time which means that the regular user can look at all sorts of system
> things they shouldn't.  I don't know of any automatic hardening procedure
> that can correct this.
> 

Example? What should not a user look at assuming they know enough to 
even look for the file.

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux