Package: postgresql-9.4 / 9.4.12-0+deb8u1~bpo7+1

02-relax-sslkey-permscheck.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Description: Relax security check on private SSL key file: The file is also considered safe if it has owner and/or group "root", and if it is group-readable (unless the group is something other than root or the database owner group).
Author: Martin Pitt <mpitt@debian.org>
Forwarded: Yes, but rejected upstream
Bug-Debian: http://bugs.debian.org/3279.2

Index: postgresql-9.2/src/backend/libpq/be-secure.c
===================================================================
--- postgresql-9.2.orig/src/backend/libpq/be-secure.c	2012-05-11 00:35:09.000000000 +0200
+++ postgresql-9.2/src/backend/libpq/be-secure.c	2012-05-15 07:39:50.557598618 +0200
@@ -768,12 +768,15 @@
 		 * directory permission check in postmaster.c)
 		 */
 #if !defined(WIN32) && !defined(__CYGWIN__)
-		if (!S_ISREG(buf.st_mode) || buf.st_mode & (S_IRWXG | S_IRWXO))
+		if (!S_ISREG(buf.st_mode) || (buf.st_mode & (S_IWGRP | S_IRWXO)) ||
+			((buf.st_uid != geteuid()) && buf.st_uid != 0))
 			ereport(FATAL,
 					(errcode(ERRCODE_CONFIG_FILE_ERROR),
 				  errmsg("private key file \"%s\" has group or world access",
 						 ssl_key_file),
-				   errdetail("Permissions should be u=rw (0600) or less.")));
+				   errdetail("File must be owned by the \
+database user or root, must have no write permission for \"group\", and must \
+have no permissions for \"other\".")));
 #endif
 
 		if (SSL_CTX_use_PrivateKey_file(SSL_context,