OpenBSD Trusted Path Execution (TPE) compatibility?

Started by Joshua Jore, almost 25 years ago, 3 messages, general
#1 Joshua Jore
moomonk@daisy-chan.org

Hi folks,
I'm new to postgresql so please bear with me. I've got PostgreSQL
installed and working successfully on my OpenBSD machine. I'm also installing
the TPE patches which do a few things:

Prevent execution of binaries that are in directories not owned by root
Prevents interpreters from reading from STDIN
Protect most proc info and *stat stuff
Strips LD_PRELOAD and LD_LIBRARY_PATH

Is there any reason that PostgreSQL or postmaster would have a problem
with this or has anyone tried these together? (It's always possible to
designate postgresql as a trusted user so it doesn't have these
restrictions but I'd rather not if I don't have to)

Thanks,
Joshua Jore

#2 Peter Eisentraut
peter_e@gmx.net
In reply to: Joshua Jore (#1)
Re: OpenBSD Trusted Path Execution (TPE) compatibility?

Joshua Jore writes:

Prevent execution of binaries that are in directories not owned by root
Prevents interpreters from reading from STDIN
Protect most proc info and *stat stuff
Strips LD_PRELOAD and LD_LIBRARY_PATH

Is there any reason that PostgreSQL or postmaster would have a problem
with this

You might have trouble with the second item if you're using passwords,
since those have to come from stdin somehow. But your description is too
vague to tell. The others shouldn't pose any problems.

--
Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter

#3 Joshua Jore
moomonk@daisy-chan.org
In reply to: Peter Eisentraut (#2)
Re: OpenBSD Trusted Path Execution (TPE) compatibility?

Nah, the restriction is only on fd 0 which isn't going to happen in reads
to real files. I've got it figured out now - unless I write some code for
PostgreSQL and don't let root own it (not run it, the postgresql user does
that) then I don't have to trust the daemon user.

Thanks for the suggestion tho. It's been an education ;-)

Josh

On Thu, 5 Jul 2001, Peter Eisentraut wrote:

Joshua Jore writes:

Prevent execution of binaries that are in directories not owned by root
Prevents interpreters from reading from STDIN
Protect most proc info and *stat stuff
Strips LD_PRELOAD and LD_LIBRARY_PATH

Is there any reason that PostgreSQL or postmaster would have a problem
with this

You might have trouble with the second item if you're using passwords,
since those have to come from stdin somehow. But your description is too
vague to tell. The others shouldn't pose any problems.

--
Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
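
Added example, not part of the original thread and not code from the TPE patches or PostgreSQL: a pre-flight audit that reports which executables would be refused under the first rule listed above (no execution from directories not owned by root), so the daemon user does not have to be marked trusted. It assumes the rule looks only at the owner of the directory holding the symlink-resolved file; the function names and the `trusted_uid` parameter are hypothetical.

```python
import os
import stat
import sys

ROOT_UID = 0  # the thread's rule: the containing directory must be owned by root


def tpe_check(path, trusted_uid=ROOT_UID):
    """Return (allowed, reason) for one executable path.

    Assumption: only the owner of the immediate parent directory of the
    resolved file is checked; a real TPE patch may apply further tests.
    """
    real = os.path.realpath(path)   # follow symlinks to the file actually run
    parent = os.path.dirname(real)
    try:
        file_st = os.stat(real)
        dir_st = os.stat(parent)
    except OSError as exc:
        return False, f"cannot stat {real}: {exc.strerror}"
    if not stat.S_ISREG(file_st.st_mode):
        return False, f"{real} is not a regular file"
    if dir_st.st_uid != trusted_uid:
        return False, f"directory {parent} owned by uid {dir_st.st_uid}"
    return True, f"directory {parent} owned by uid {trusted_uid}"


def audit(paths, trusted_uid=ROOT_UID):
    """Map each path to its (allowed, reason) result."""
    return {p: tpe_check(p, trusted_uid) for p in paths}


if __name__ == "__main__":
    # Pass the binaries to audit as arguments, for example the installed
    # postmaster and psql; with no arguments the running interpreter is checked.
    targets = sys.argv[1:] or [sys.executable]
    failed = False
    for target, (allowed, reason) in audit(targets).items():
        print(f"{'ok    ' if allowed else 'DENIED'} {target}: {reason}")
        failed = failed or not allowed
    sys.exit(1 if failed else 0)
```

A non-zero exit status means at least one audited path sits in a directory the rule would reject, which matches the case in the last message of code that root does not own.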