|
1 | | -<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.404 2008/01/3117:22:43 momjian Exp $ --> |
| 1 | +<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.405 2008/01/3123:03:16 momjian Exp $ --> |
2 | 2 |
|
3 | 3 | <chapter Id="runtime"> |
4 | 4 | <title>Operating System Environment</title> |
@@ -1398,10 +1398,10 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput |
1398 | 1398 | linkend="guc-unix-socket-directory">) that has write permission only |
1399 | 1399 | for a trusted local user. This prevents a malicious user from creating |
1400 | 1400 | their own socket file in that directory. If you are concerned that |
1401 | | - some applications might stilllook in <filename>/tmp</> for the |
1402 | | - socket file and hence be vulnerable to spoofing,create a symbolic link |
1403 | | -during operating system startup in<filename>/tmp</> that points to |
1404 | | - the relocated socket file. You also might need to modify your |
| 1401 | + some applications might stillreference <filename>/tmp</> for the |
| 1402 | + socket file and hence be vulnerable to spoofing,during operating system |
| 1403 | +startup create symbolic link<filename>/tmp/.s.PGSQL.5432</> that points |
| 1404 | +tothe relocated socket file. You also might need to modify your |
1405 | 1405 | <filename>/tmp</> cleanup script to preserve the symbolic link. |
1406 | 1406 | </para> |
1407 | 1407 |
|
|