|
|
|
|
|
|
by ak4g
3748 days ago
|
|
|
As a project, I don't think PostgreSQL wants (or should want) anybody running a DB from the source tarball that's (eventually) stamped as 9.6 - it's existence is a mere artifact of the actual packaging work that goes on during a release. In all cases you should be installing packages via your OS's installation mechanism, and those packages will be authenticated (or not, as the case may be, but it's not in-scope for Postgres-the-project, and it shouldn't be different for installing PG vs. any other piece of software on the system). A production-ready setup needs an OS user, logging/logfile rotation, some tooling for managing DB clusters, and a half-dozen other things I've never even thought about. If you just want to check out the source, clone the repo. But in a production environment, you always want to use a package provided by your OS vendor. Postgres has excellent packagers for both Debian and RHEL-flavored distros (and I imagine more) and you really want to have the system-level considerations thought through by someone by someone who knows what needs to be thought about. |
|
|
My OS's install mechanism downloads the source tarball. It does authenticate the download, of course. The point being you don't know what platform someone is using, and the source may be the only way they can install PostgreSQL.
> PostgreSQL wants
It doesn't matter what they want - if the source is available for download, it will be used. Unauthenticated downloads are an "attractive nuisance" that puts users at risk. The actual download links[1] at www.postgresql.org do use https, but the HTML that contains the download URLs irresponsibly redirects https requests back to http. While the download of the actual source tarball is authenticated, the URL to that download can easily be modified in transit.
[1] https://www.postgresql.org/ftp/source/v9.5.1/