
fix: secure WAL archive permissions (770 instead of 777) #32

Merged
elitan merged 1 commit into main from fix/wal-archive-permissions
Dec 26, 2025

elitan (Owner) commented Dec 26, 2025

Summary

Fixes #22 - WAL archive directories were created with chmod 777, allowing any system user to corrupt/delete WAL files and break PITR.

  • Changed permissions from 777 to 770
  • Set ownership to 70:70 (PostgreSQL user/group), matching the SSL certificate pattern
  • Added sudoers rule for WAL archive chown in setup command
  • Added regression test verifying permissions and ownership

Test plan

  • New test "should set restrictive permissions (770) on WAL archive directory" passes
  • All existing WAL tests pass
  • CI passes

🤖 Generated with Claude Code

Fixes #22 - WAL archive directories were world-writable, allowing any
system user to corrupt/delete WAL files and break PITR.

Changes:
- Use chmod 770 instead of 777 for WAL archive directories
- Set ownership to 70:70 (PostgreSQL user/group) like SSL certificates
- Add sudoers rule for WAL archive chown in setup command
- Add regression test for permissions

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
elitan merged commit db1c366 into main on Dec 26, 2025
2 checks passed
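
An added example, not part of this PR or the project's code: a shell check that audits a WAL archive directory against the policy the description states (mode 770, owner 70:70) and flags anything inside it that is still world-writable. The helper name `check_wal_archive` and the scratch directory in the demo are assumptions, and the script assumes GNU `stat`.

```sh
#!/bin/sh
# Added example: audit a WAL archive directory against the policy in this PR
# (mode 770, owner 70:70). Assumes GNU stat; check_wal_archive is a
# hypothetical helper name, not part of the project.

# Usage: check_wal_archive DIR [UID] [GID]
# Returns 0 if clean, 1 if any finding was printed, 2 if DIR is unusable.
check_wal_archive() {
    dir=$1
    want_uid=${2:-70}
    want_gid=${3:-70}
    findings=0

    # Refuse symlinks so the audit cannot be pointed at another directory.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "ERROR: $dir is not a real directory"
        return 2
    fi

    # %a = octal mode, %u = owner uid, %g = owner gid
    set -- $(stat -c '%a %u %g' "$dir")
    if [ "$1" != "770" ]; then
        echo "FAIL mode: $dir is $1, expected 770"
        findings=1
    fi
    if [ "$2" != "$want_uid" ] || [ "$3" != "$want_gid" ]; then
        echo "FAIL owner: $dir is $2:$3, expected $want_uid:$want_gid"
        findings=1
    fi

    # Anything inside the archive that is itself world-writable.
    loose=$(find "$dir" ! -type l -perm -0002 -print)
    if [ -n "$loose" ]; then
        echo "$loose" | sed 's/^/FAIL world-writable: /'
        findings=1
    fi
    return "$findings"
}

# Constructed demo on a scratch directory owned by the current user.
demo=$(mktemp -d)
chmod 777 "$demo"
check_wal_archive "$demo" "$(id -u)" "$(id -g)" || echo "-> rejected"
chmod 770 "$demo"
check_wal_archive "$demo" "$(id -u)" "$(id -g)" && echo "-> accepted"
rm -rf "$demo"
```

Run it as root or as the archive's owner, since a 770 directory is not readable by other accounts.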
Development

Successfully merging this pull request may close these issues.

bug: WAL archive has 777 permissions - any user can corrupt
