darold / pgcluu

PostgreSQL Cluster performances monitoring and auditing tool
http://pgcluu.darold.net/
PostgreSQL License

Access to collected data #127

Closed Krysztophe closed 3 years ago

Krysztophe commented 3 years ago

Is it not a bit dangerous to leave the collected data readable by the www-data user by default? There are some things like the pg_hba.conf, for example.

https://github.com/darold/pgcluu/blob/24369b47e227458019b0b37f59971660dfb89ae8/pgcluu_collectd.service#L22

It seems to be necessary for the CGI script, but it is not activated by default on packaged installations.

(By the way, I don't really see the value of the CGI, the pgcluu.timer seems enough to me.)

darold commented 3 years ago

If the environment is not controlled, yes, it could be a bit dangerous.