Revert "Secure Unix-domain sockets of "make check" temporary clusters."

About half of the buildfarm members use too-long directory names, strongly suggesting that this approach is a dead end.
2025-07-27 12:41:57 +03:00 · 2014-03-29 03:12:00 -04:00
parent 8cade31dc5
commit a8365a2d2f
2 changed files with 22 additions and 44 deletions
--- a/doc/src/sgml/regress.sgml
+++ b/doc/src/sgml/regress.sgml
@ -57,14 +57,21 @@ gmake check

  <warning>
   <para>
-    On systems lacking Unix-domain sockets, notably Windows, this test method
-    starts a temporary server configured to accept any connection originating
-    on the local machine.  Any local user can gain database superuser
-    privileges when connecting to this server, and could in principle exploit
-    all privileges of the operating-system user running the tests.  Therefore,
-    it is not recommended that you use <literal>gmake check</> on an affected
-    system shared with untrusted users.  Instead, run the tests after
-    completing the installation, as described in the next section.
+    This test method starts a temporary server, which is configured to accept
+    any connection originating on the local machine.  Any local user can gain
+    database superuser privileges when connecting to this server, and could
+    in principle exploit all privileges of the operating-system user running
+    the tests.  Therefore, it is not recommended that you use <literal>gmake
+    check</> on machines shared with untrusted users.  Instead, run the tests
+    after completing the installation, as described in the next section.
+   </para>
+
+   <para>
+    On Unix-like machines, this danger can be avoided if the temporary
+    server's socket file is made inaccessible to other users, for example
+    by running the tests in a protected chroot.  On Windows, the temporary
+    server opens a locally-accessible TCP socket, so filesystem protections
+    cannot help.
   </para>
  </warning>

@ -104,17 +111,6 @@ gmake MAX_CONNECTIONS=10 check
    runs no more than ten tests concurrently.
   </para>

-   <para>
-    To protect your operating system user account, the test driver places the
-    server's socket in a relative subdirectory inaccessible to other users.
-    Since most systems constrain the length of socket paths well
-    below <literal>_POSIX_PATH_MAX</>, testing may fail to start from a
-    directory with a long name.  Work around this problem by pointing
-    the <envar>PG_REGRESS_SOCK_DIR</> environment variable to a substitute
-    socket directory having a shorter path.  On a multi-user system, give that
-    directory mode <literal>0700</>.
-   </para>
-
  <para>
   To run the tests after installation<![%standalone-ignore;[ (see <xref linkend="installation">)]]>,
   initialize a data area and start the