[CentOS] PostgreSQL/SELinux Error - relation "pg_catalog.pg_user" does not exist

Tue May 24 13:27:36 UTC 2005
John Logsdon <j.logsdon at quantex-research.com>

Well I agree you can be in as many groups as you like.  But what I meant
was that making your primary group the same as the user means you have no
granularity of control without adding extra groups.  It makes 0700 the
same as 0770.  

I suppose as groups essentially relax security, giving each user his/her
own groups should make a tighter ship but in practice what people do is to
give world access when they shouldn't.  The proper solution is to add a
group of course.  Few do this I think.

But my real rant was against the sloppy access controls at installation
time which means that the regular user can look at all sorts of system
things they shouldn't.  I don't know of any automatic hardening procedure
that can correct this.

Best wishes

John

John Logsdon                               "Try to make things as simple
Quantex Research Ltd, Manchester UK         as possible but not simpler"
j.logsdon at quantex-research.com              a.einstein at relativity.org
+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com


On Tue, 24 May 2005, Les Mikesell wrote:

> On Tue, 2005-05-24 at 04:49, John Logsdon wrote:
> 
> > At the user level, RH (? was it them?) started off the fashion of giving
> > every user their own group.  So groups become immediately pointless.  
> 
> How so?  The point of groups is that you can be in more than one.  How
> does starting out in a group of your own make them pointless?  It does
> give a unique entry by default that the administrator can customize for
> each user that wants others to be able to access his files.
> 
> -- 
>   Les Mikesell
>    lesmikesell at gmail.com
> 
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>